790584 – Segfaults in error-handling within pycrypto

Bug 790584 - Segfaults in error-handling within pycrypto

Summary: Segfaults in error-handling within pycrypto

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	python-crypto
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Paul Howarth
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	cpychecker
TreeView+	depends on / blocked

Reported:	2012-02-14 21:30 UTC by Dave Malcolm
Modified:	2012-02-28 10:56 UTC (History)
CC List:	3 users (show)
Fixed In Version:	python-crypto-2.5-2.fc17
Clone Of:
Environment:
Last Closed:	2012-02-28 10:56:57 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Launchpad	934294	0	None	None	None	Never

Description Dave Malcolm 2012-02-14 21:30:23 UTC

Description of problem:
I've been writing an experimental static analysis tool to detect bugs commonly occurring within C Python extension modules:
  https://fedorahosted.org/gcc-python-plugin/
  http://gcc-python-plugin.readthedocs.org/en/latest/cpychecker.html

I ran the latest version of the tool (in git master; post 0.9) on python-crypto-2.5-1.fc17.src.rpm, and it reports various errors.

You can see a list of errors here, triaged into categories (from most significant to least significant):
http://fedorapeople.org/~dmalcolm/gcc-python-plugin/2012-02-14/python-crypto-2.5-1.fc17/

Note that the top-most bug there is a false positive (reported for "Segfaults in normal paths" - "Crypto.Random" always has a "new" member, though the checker can't know that)

I believe that the five errors reported within "Segfaults within error-handling paths" are genuine crashers, which could be seen under low memory conditions.

(There may of course be other bugs in my checker tool)

Version-Release number of selected component (if applicable):
python-crypto-2.5-1.fc17

[1] http://fedoraproject.org/wiki/Features/StaticAnalysisOfPythonRefcounts

Comment 1 Dave Malcolm 2012-02-14 21:37:14 UTC

[If this bug report is mystifying to you, let me know - I'm trying to iron out the wrinkles in the analysis tool]

Comment 2 Paul Howarth 2012-02-17 15:53:49 UTC

I've reported this upstream:

https://bugs.launchpad.net/pycrypto/+bug/934294

Comment 3 Paul Howarth 2012-02-18 22:39:21 UTC

I've included upstream's fixes for these issues in python-crypto-2.5-2 (built in Rawhide and building for F-17). Can you try re-running your checker on the new code?

Comment 4 Fedora Update System 2012-02-18 22:51:58 UTC

python-crypto-2.5-2.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/python-crypto-2.5-2.fc17

Comment 5 Fedora Update System 2012-02-19 04:36:42 UTC

Package python-crypto-2.5-2.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing python-crypto-2.5-2.fc17'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-1988/python-crypto-2.5-2.fc17
then log in and leave karma (feedback).

Comment 6 Fedora Update System 2012-02-28 10:56:57 UTC

python-crypto-2.5-2.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.