diff options
| -rw-r--r-- | Misc/NEWS | 2 | ||||
| -rw-r--r-- | Python/bltinmodule.c | 5 |
2 files changed, 7 insertions, 0 deletions
@@ -12,6 +12,8 @@ What's New in Python 3.3.3 release candidate 1? Core and Builtins ----------------- +- Issue #18560: Fix potential NULL pointer dereference in sum(). + - Issue #15905: Fix theoretical buffer overflow in handling of sys.argv[0], prefix and exec_prefix if the operation system does not obey MAXPATHLEN. diff --git a/Python/bltinmodule.c b/Python/bltinmodule.c index 4fe8dace59..b07ee8ec32 100644 --- a/Python/bltinmodule.c +++ b/Python/bltinmodule.c @@ -2009,6 +2009,11 @@ builtin_sum(PyObject *self, PyObject *args) } /* Either overflowed or is not an int. Restore real objects and process normally */ result = PyLong_FromLong(i_result); + if (result == NULL) { + Py_DECREF(item); + Py_DECREF(iter); + return NULL; + } temp = PyNumber_Add(result, item); Py_DECREF(result); Py_DECREF(item); |