bpo-40412: Nullify inittab_copy during finalization (GH-19746)

Otherwise we leave a dangling pointer to free'd memory. If we then initialize a new interpreter in the same process and call PyImport_ExtendInittab, we will (likely) crash when calling PyMem_RawRealloc(inittab_copy, ...) since the pointer address is bogus. Automerge-Triggered-By: @brettcannon
author: Gregory Szorc <gregory.szorc@gmail.com> 2020-05-01 11:07:54 -0700
committer: GitHub <noreply@github.com> 2020-05-01 11:07:54 -0700
commit: 64224a4727321a8dd33e6f769edda401193ebef0 (patch)
tree: 92a3bab10fdd5f9b75cae94339917f9d78b32bac
parent: 831d58d7865cb98fa09227dc614f4f3ce6af968b (diff)
download: cpython-git-64224a4727321a8dd33e6f769edda401193ebef0.tar.gz
2 files changed, 2 insertions, 0 deletions
diff --git a/Misc/NEWS.d/next/C API/2020-05-01-17-28-04.bpo-40412.dE0D8N.rst b/Misc/NEWS.d/next/C API/2020-05-01-17-28-04.bpo-40412.dE0D8N.rst
new file mode 100644
index 0000000000..92bfcddf11
--- /dev/null
+++ b/Misc/NEWS.d/next/C API/2020-05-01-17-28-04.bpo-40412.dE0D8N.rst
@@ -0,0 +1 @@
+Nullify inittab_copy during finalization, preventing future interpreter initializations in an embedded situation from crashing. Patch by Gregory Szorc.
diff --git a/Python/import.c b/Python/import.c
index 8c94e0ec54..400b02abbd 100644
--- a/Python/import.c
+++ b/Python/import.c
@@ -298,6 +298,7 @@ _PyImport_Fini2(void)
 
     /* Free memory allocated by PyImport_ExtendInittab() */
     PyMem_RawFree(inittab_copy);
+    inittab_copy = NULL;
 
     PyMem_SetAllocator(PYMEM_DOMAIN_RAW, &old_alloc);
 }
author	Gregory Szorc <gregory.szorc@gmail.com>	2020-05-01 11:07:54 -0700
committer	GitHub <noreply@github.com>	2020-05-01 11:07:54 -0700
commit	64224a4727321a8dd33e6f769edda401193ebef0 (patch)
tree	92a3bab10fdd5f9b75cae94339917f9d78b32bac
parent	831d58d7865cb98fa09227dc614f4f3ce6af968b (diff)
download	cpython-git-64224a4727321a8dd33e6f769edda401193ebef0.tar.gz