From fe34d0facd54a6f471d73f3cba114dedc4f04969 Mon Sep 17 00:00:00 2001 From: Guido van Rossum Date: Thu, 28 Mar 2002 20:18:48 +0000 Subject: Backport to 2.2.1. Fix an issue that was reported in but unrelated to the main problem of SF bug 535905 (Evil Trashcan and GC interaction). The SETLOCAL() macro should not DECREF the local variable in-place and then store the new value; it should copy the old value to a temporary value, then store the new value, and then DECREF the temporary value. This is because it is possible that during the DECREF the frame is accessed by other code (e.g. a __del__ method or gc.collect()) and the variable would be pointing to already-freed memory. BUGFIX CANDIDATE! --- Python/ceval.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'Python') diff --git a/Python/ceval.c b/Python/ceval.c index e7ca82bc1a..0fa5887781 100644 --- a/Python/ceval.c +++ b/Python/ceval.c @@ -554,8 +554,16 @@ eval_frame(PyFrameObject *f) /* Local variable macros */ #define GETLOCAL(i) (fastlocals[i]) -#define SETLOCAL(i, value) do { Py_XDECREF(GETLOCAL(i)); \ - GETLOCAL(i) = value; } while (0) + +/* The SETLOCAL() macro must not DECREF the local variable in-place and + then store the new value; it must copy the old value to a temporary + value, then store the new value, and then DECREF the temporary value. + This is because it is possible that during the DECREF the frame is + accessed by other code (e.g. a __del__ method or gc.collect()) and the + variable would be pointing to already-freed memory. */ +#define SETLOCAL(i, value) do { PyObject *tmp = GETLOCAL(i); \ + GETLOCAL(i) = value; \ + Py_XDECREF(tmp); } while (0) /* Start of code */ -- cgit v1.2.1