René's URL Explorer Experiment

{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"Set: `BUILD_SET` opcode can be failed with segfault","articleBody":"https://github.com/python/cpython/blob/36b139af638cdeb671cb6b8b0315b254148688f7/Python/generated_cases.c.h#L1648-L1667\r\n\u0026\r\nhttps://github.com/python/cpython/blob/36b139af638cdeb671cb6b8b0315b254148688f7/Python/bytecodes.c#L1303-L1316\r\n\r\nDoesn't take in account case, when `PySet_New(NULL)` returns NULL.\r\nWe are checking that `PySet_Add` doesn't return a non-zero(-1) value.\r\nBut, `PySet_Add` has a check, that first argument is a subclass of `set`. Which fails, if we will pass `(PyObject *) NULL` as first argument. Why?\r\n```c\r\n#define PySet_Check(ob) \\\r\n    (Py_IS_TYPE((ob), \u0026PySet_Type) || \\\r\n    PyType_IsSubtype(Py_TYPE(ob), \u0026PySet_Type))\r\n```\r\n`PySet_Add` uses this macross. But, `Py_TYPE` will be failed with segfault when try to access `ob_type` of `(PyObject *) NULL`.\r\n\r\nImplementation of `Py_TYPE`:\r\n\r\n```c\r\nstatic inline PyTypeObject* Py_TYPE(PyObject *ob) {\r\n    return ob-\u003eob_type;\r\n}\r\n```\r\n\r\n```gdb\r\n(gdb) call (PyObject *) NULL\r\n$1 = (PyObject *) 0x0\r\n(gdb) call $1-\u003eob_type\r\nCannot access memory at address 0x8\r\n```\r\nSo, we should add check, that value of `PySet_New` is not-null.\n\n\u003c!-- gh-linked-prs --\u003e\n### Linked PRs\n* gh-101958\n\u003c!-- /gh-linked-prs --\u003e\n","author":{"url":"https://github.com/Eclips4","@type":"Person","name":"Eclips4"},"datePublished":"2023-02-16T14:51:44.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":6},"url":"https://github.com/101952/cpython/issues/101952"}