diff options
| -rw-r--r-- | Misc/NEWS.d/next/Core and Builtins/2018-08-23-21-32-27.bpo-18560.5q_c1C.rst | 1 | ||||
| -rw-r--r-- | Python/bltinmodule.c | 5 |
2 files changed, 6 insertions, 0 deletions
diff --git a/Misc/NEWS.d/next/Core and Builtins/2018-08-23-21-32-27.bpo-18560.5q_c1C.rst b/Misc/NEWS.d/next/Core and Builtins/2018-08-23-21-32-27.bpo-18560.5q_c1C.rst new file mode 100644 index 0000000000..4c1f060022 --- /dev/null +++ b/Misc/NEWS.d/next/Core and Builtins/2018-08-23-21-32-27.bpo-18560.5q_c1C.rst @@ -0,0 +1 @@ +Fix potential NULL pointer dereference in sum(). diff --git a/Python/bltinmodule.c b/Python/bltinmodule.c index f19115d2cb..f38fcaca71 100644 --- a/Python/bltinmodule.c +++ b/Python/bltinmodule.c @@ -2363,6 +2363,11 @@ builtin_sum(PyObject *self, PyObject *args) } /* Either overflowed or is not an int. Restore real objects and process normally */ result = PyInt_FromLong(i_result); + if (result == NULL) { + Py_DECREF(item); + Py_DECREF(iter); + return NULL; + } temp = PyNumber_Add(result, item); Py_DECREF(result); Py_DECREF(item); |