commit c12afa92b0db6f017e479b41f95d75bac7b59850
author Miss Skeleton (bot) <31488909+miss-islington@users.noreply.github.com> Sun Oct 25 17:34:29 2020 -0700
committer GitHub <noreply@github.com> Sun Oct 25 17:34:29 2020 -0700
tree 55d030be45000e5a7227fb52d17512b2923cdda2
parent 0b290dd2171e745d94f48298cafb2327eb2de17c

[3.9] bpo-42146: Fix memory leak in subprocess.Popen() in case of uid/gid overflow (GH-22966) (GH-22980)



Fix memory leak in subprocess.Popen() in case of uid/gid overflow

Also add a test that would catch this leak with `--huntrleaks`.

Alas, the test for `extra_groups` also exposes an inconsistency
in our error reporting: we use a custom ValueError for `extra_groups`,
but propagate OverflowError for `user` and `group`.
(cherry picked from commit c0590c0033e86f98cdf5f2ca6898656f98ab4053)


Co-authored-by: Alexey Izbyshev <izbyshev@ispras.ru>

Automerge-Triggered-By: GH:gpshead

Modules/_posixsubprocess.c

diff --git a/Modules/_posixsubprocess.c b/Modules/_posixsubprocess.c
index 5d1691a..5356417 100644
--- a/Modules/_posixsubprocess.c
+++ b/Modules/_posixsubprocess.c
@@ -626,7 +626,7 @@
     uid_t uid;
     gid_t gid, *groups = NULL;
     int child_umask;
-    PyObject *cwd_obj, *cwd_obj2;
+    PyObject *cwd_obj, *cwd_obj2 = NULL;
     const char *cwd;
     pid_t pid;
     int need_to_reenable_gc = 0;
@@ -748,7 +748,6 @@
         cwd = PyBytes_AsString(cwd_obj2);
     } else {
         cwd = NULL;
-        cwd_obj2 = NULL;
     }
 
     if (groups_list != Py_None) {
@@ -908,6 +907,7 @@
     return PyLong_FromPid(pid);
 
 cleanup:
+    Py_XDECREF(cwd_obj2);
     if (envp)
         _Py_FreeCharPArray(envp);
     if (argv)