Repair widespread misuse of _PyString_Resize. Since it's clear people
don't understand how this function works, also beefed up the docs. The
most common usage error is of this form (often spread out across gotos):
if (_PyString_Resize(&s, n) < 0) {
Py_DECREF(s);
s = NULL;
goto outtahere;
}
The error is that if _PyString_Resize runs out of memory, it automatically
decrefs the input string object s (which also deallocates it, since its
refcount must be 1 upon entry), and sets s to NULL. So if the "if"
branch ever triggers, it's an error to call Py_DECREF(s): s is already
NULL! A correct way to write the above is the simpler (and intended)
if (_PyString_Resize(&s, n) < 0)
goto outtahere;
Bugfix candidate.
diff --git a/Modules/zlibmodule.c b/Modules/zlibmodule.c
index a3891f7..cfb71ae 100644
--- a/Modules/zlibmodule.c
+++ b/Modules/zlibmodule.c
@@ -255,9 +255,8 @@
/* fall through */
case(Z_OK):
/* need more memory */
- if (_PyString_Resize(&result_str, r_strlen << 1) == -1) {
+ if (_PyString_Resize(&result_str, r_strlen << 1) < 0) {
inflateEnd(&zst);
- result_str = NULL;
goto error;
}
zst.next_out = (unsigned char *)PyString_AS_STRING(result_str) \
@@ -414,10 +413,8 @@
/* while Z_OK and the output buffer is full, there might be more output,
so extend the output buffer and try again */
while (err == Z_OK && self->zst.avail_out == 0) {
- if (_PyString_Resize(&RetVal, length << 1) == -1) {
- RetVal = NULL;
+ if (_PyString_Resize(&RetVal, length << 1) < 0)
goto error;
- }
self->zst.next_out = (unsigned char *)PyString_AS_STRING(RetVal) \
+ length;
self->zst.avail_out = length;
@@ -438,9 +435,7 @@
RetVal = NULL;
goto error;
}
- if (_PyString_Resize(&RetVal,
- self->zst.total_out - start_total_out) < 0)
- RetVal = NULL;
+ _PyString_Resize(&RetVal, self->zst.total_out - start_total_out);
error:
LEAVE_ZLIB
@@ -510,10 +505,8 @@
if (max_length && length > max_length)
length = max_length;
- if (_PyString_Resize(&RetVal, length) == -1) {
- RetVal = NULL;
+ if (_PyString_Resize(&RetVal, length) < 0)
goto error;
- }
self->zst.next_out = (unsigned char *)PyString_AS_STRING(RetVal) \
+ old_length;
self->zst.avail_out = length - old_length;
@@ -561,8 +554,7 @@
goto error;
}
- if (_PyString_Resize(&RetVal, self->zst.total_out - start_total_out) < 0)
- RetVal = NULL;
+ _PyString_Resize(&RetVal, self->zst.total_out - start_total_out);
error:
LEAVE_ZLIB
@@ -612,10 +604,8 @@
/* while Z_OK and the output buffer is full, there might be more output,
so extend the output buffer and try again */
while (err == Z_OK && self->zst.avail_out == 0) {
- if (_PyString_Resize(&RetVal, length << 1) == -1) {
- RetVal = NULL;
+ if (_PyString_Resize(&RetVal, length << 1) < 0)
goto error;
- }
self->zst.next_out = (unsigned char *)PyString_AS_STRING(RetVal) \
+ length;
self->zst.avail_out = length;
@@ -651,8 +641,7 @@
goto error;
}
- if (_PyString_Resize(&RetVal, self->zst.total_out - start_total_out) < 0)
- RetVal = NULL;
+ _PyString_Resize(&RetVal, self->zst.total_out - start_total_out);
error:
LEAVE_ZLIB