This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes

Bug 800116

Summary: Bugs found in pyhunspell-0.1-6.fc17 using gcc-with-cpychecker static analyzer
Product: [Fedora] Fedora Reporter: Dave Malcolm <dmalcolm>
Component: pyhunspellAssignee: Mike FABIAN <mfabian>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: mfabian, opensource
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: pyhunspell-0.3.3-1.fc23 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-02-03 15:51:43 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 789472    

Description Dave Malcolm 2012-03-05 14:13:46 EST
Description of problem:
I've been writing an experimental static analysis tool to detect bugs commonly occurring within C Python extension modules:

I ran the latest version of the tool (in git master; post 0.9) on
pyhunspell-0.1-6.fc17.src.rpm, and it reports various errors.

You can see a list of errors here, triaged into categories (from most significant to least significant):

I've manually reviewed the issues reported by the tool.

Within the category "Reference leaks" the 4 issues reported appear to be genuine  memory leaks, each of the form:
   PyList_Append(list, Py_BuildValue())
When Py_BuildValue() succeeds it returns a new reference, but PyList_Append doesn't steal that reference, it adds a new reference.  Hence this leaks a reference to the built value, and it becomes "immortal" for the rest of the lifetime of the process.

Within the category "Segfaults within error-handling paths" the 4 issues reported are for the same code as the above, considering the case where the PyList_New() call fails (e.g. due to out of memory), it will return NULL, and then the PyList_Append(NULL, item) call will segfault.  Note that the Py_BuildValue() and PyList_Append calls could also fail.

Suggested fix is to add an intermediate value, changing the calls to:

    slist_list = PyList_New(0);
    if (!slist_list) {
        return NULL;

within the loop:
    PyObject *item; 
    item = Py_BuildValue(etc);
    if (!item) {
        return NULL;
    if (-1 == PyList_Append(slist_list, item)) {
        return NULL;

or similar.

There may of course be other bugs in my checker tool.

Hope this is helpful; let me know if you need help reading the logs that the tool generates - I know that it could use some improvement.

Version-Release number of selected component (if applicable):
gcc-python-plugin post-0.9 git 11462291a66c8db693c8884cb84b795bb5988ffb running the checker in an *f16* chroot
Comment 1 Till Maas 2012-03-21 14:02:48 EDT
Can you maybe discuss this with upstream?
Comment 2 Dave Malcolm 2012-03-21 14:54:29 EDT
(In reply to comment #1)
> Can you maybe discuss this with upstream?
Thanks; I've filed this upstream as
Comment 3 Fedora Admin XMLRPC Client 2013-01-10 01:37:16 EST
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 4 Fedora Update System 2013-01-11 10:49:17 EST
pyhunspell-0.1-9.fc18 has been submitted as an update for Fedora 18.
Comment 5 Fedora Update System 2013-01-12 10:06:41 EST
Package pyhunspell-0.1-9.fc18:
* should fix your issue,
* was pushed to the Fedora 18 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing pyhunspell-0.1-9.fc18'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
Comment 6 Fedora Update System 2013-01-23 11:12:31 EST
pyhunspell-0.1-9.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 7 Fedora Update System 2015-12-22 08:34:05 EST
pyhunspell-0.3.3-1.fc23 has been submitted as an update to Fedora 23.
Comment 8 Fedora Update System 2015-12-22 19:10:06 EST
pyhunspell-0.3.3-1.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report.
See for
instructions on how to install test updates.
You can provide feedback for this update here:
Comment 9 Fedora Update System 2016-02-03 15:51:41 EST
pyhunspell-0.3.3-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.