Commit5230244

miss-islington

and

Nico-Posada

authored

[3.13]gh-134100: Fix use-after-free inPyImport_ImportModuleLevelObject (GH-134117) (#134172)

gh-134100: Fix use-after-free in `PyImport_ImportModuleLevelObject` (GH-134117)(cherry picked from commit4e9005d)Co-authored-by: Nico-Posada <102486290+Nico-Posada@users.noreply.github.com>

1 parentfd6a602 commit5230244Copy full SHA for 5230244

File tree

3 files changed

+20

-1

lines changed

Lib/test/test_importlib/import_
- test_relative_imports.py
Misc/NEWS.d/next/Core_and_Builtins
- 2025-05-16-17-25-52.gh-issue-134100.5-FbLK.rst
Python
- import.c

3 files changed

+20

-1

lines changed

`‎Lib/test/test_importlib/import_/test_relative_imports.py`

Lines changed: 15 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -223,6 +223,21 @@ def test_relative_import_no_package_exists_absolute(self):`
`223`	`223`	`self.__import__('sys', {'__package__':'','__spec__':None},`
`224`	`224`	`level=1)`
`225`	`225`
	`226`	`+deftest_malicious_relative_import(self):`
	`227`	`+# https://github.com/python/cpython/issues/134100`
	`228`	`+# Test to make sure UAF bug with error msg doesn't come back to life`
	`229`	`+importsys`
	`230`	`+loooong="".ljust(0x23000,"b")`
	`231`	`+name=f"a.{loooong}.c"`
	`232`	`+`
	`233`	`+withutil.uncache(name):`
	`234`	`+sys.modules[name]= {}`
	`235`	`+withself.assertRaisesRegex(`
	`236`	`+KeyError,`
	`237`	`+r"'a\.b+' not in sys\.modules as expected"`
	`238`	`+ ):`
	`239`	`+__import__(f"{loooong}.c", {"__package__":"a"},level=1)`
	`240`	`+`
`226`	`241`
`227`	`242`	`(Frozen_RelativeImports,`
`228`	`243`	`Source_RelativeImports`

`‎Misc/NEWS.d/next/Core_and_Builtins/2025-05-16-17-25-52.gh-issue-134100.5-FbLK.rst`

Lines changed: 2 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+Fix a use-after-free bug that occurs when an imported module isn't`
	`2`	+in:data:`sys.modules` after its initial import. Patch by Nico-Posada.

`‎Python/import.c`

Lines changed: 3 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -3830,15 +3830,17 @@ PyImport_ImportModuleLevelObject(PyObject name, PyObject globals,`
`3830`	`3830`	`}`
`3831`	`3831`
`3832`	`3832`	`final_mod=import_get_module(tstate,to_return);`
`3833`		`-Py_DECREF(to_return);`
`3834`	`3833`	`if (final_mod==NULL) {`
`3835`	`3834`	`if (!_PyErr_Occurred(tstate)) {`
`3836`	`3835`	`_PyErr_Format(tstate,PyExc_KeyError,`
`3837`	`3836`	`"%R not in sys.modules as expected",`
`3838`	`3837`	`to_return);`
`3839`	`3838`	`}`
	`3839`	`+Py_DECREF(to_return);`
`3840`	`3840`	`gotoerror;`
`3841`	`3841`	`}`
	`3842`	`+`
	`3843`	`+Py_DECREF(to_return);`
`3842`	`3844`	`}`
`3843`	`3845`	`}`
`3844`	`3846`	`else {`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commit5230244

File tree

3 files changed

3 files changed

`‎Lib/test/test_importlib/import_/test_relative_imports.py`

`‎Misc/NEWS.d/next/Core_and_Builtins/2025-05-16-17-25-52.gh-issue-134100.5-FbLK.rst`

`‎Python/import.c`

0 commit comments