800154 – Bugs found in python-iwlib-1.1-2.fc17 using gcc-with-cpychecker static analyzer

Bug 800154 - Bugs found in python-iwlib-1.1-2.fc17 using gcc-with-cpychecker static analyzer

Summary: Bugs found in python-iwlib-1.1-2.fc17 using gcc-with-cpychecker static analyzer

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	python-iwlib
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Jiri Popelka
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:	http://fedorapeople.org/~dmalcolm/gcc...
Whiteboard:
Depends On:
Blocks:	cpychecker
TreeView+	depends on / blocked

Reported:	2012-03-05 20:59 UTC by Dave Malcolm
Modified:	2012-04-18 22:56 UTC (History)
CC List:	1 user (show)
Fixed In Version:	python-iwlib-1.2-1.fc17
Clone Of:
Environment:
Last Closed:	2012-04-18 22:56:29 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Dave Malcolm 2012-03-05 20:59:31 UTC

Description of problem:
I've been writing an experimental static analysis tool to detect bugs commonly occurring within C Python extension modules:
  https://fedorahosted.org/gcc-python-plugin/
  http://gcc-python-plugin.readthedocs.org/en/latest/cpychecker.html
  http://fedoraproject.org/wiki/Features/StaticAnalysisOfPythonRefcounts

I ran the latest version of the tool (in git master; post 0.9) on
python-iwlib-1.1-2.fc17.src.rpm, and it reports various errors.

You can see a list of errors here, triaged into categories (from most significant to least significant):
http://fedorapeople.org/~dmalcolm/gcc-python-plugin/2012-03-05/python-iwlib-1.1-2.fc17/

I've manually reviewed the issues reported by the tool; all of them appear to relate to code of this form:

   PyDict_SetItem(dict,
                  PyString_FromString("some_key"),
                  PyString_FromString(buffer));

This will leak references: PyDict_SetItem() adds new references to the key and the value, it doesn't steal references to the inputs.

Also, PyString_FromString() can fail under low memory conditions, returning NULL, and PyDict_SetItem(dict, NULL, ...) or PyDict_SetItem(dict, ..., NULL) will segfault.

(the use of PyDict_SetItemString() would simplify this code, removing two sets of errors).

There may of course be other bugs in my checker tool.

Hope this is helpful; let me know if you need help reading the logs that the tool generates - I know that it could use some improvement.

Version-Release number of selected component (if applicable):
python-iwlib-1.1-2.fc17
gcc-python-plugin post-0.9 git 11462291a66c8db693c8884cb84b795bb5988ffb running the checker in an *f16* chroot

Comment 1 Jiri Popelka 2012-03-06 11:30:11 UTC

(In reply to comment #0)
> (the use of PyDict_SetItemString() would simplify this code, removing two sets
> of errors).

Would this be sufficient ?
http://git.fedorahosted.org/git/?p=python-iwlib.git;a=commitdiff;h=0e99906e924940819faea5e758d638816c4b3b42

Comment 2 Fedora Update System 2012-03-29 11:08:06 UTC

python-iwlib-1.2-1.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/python-iwlib-1.2-1.fc17

Comment 3 Fedora Update System 2012-03-30 03:00:16 UTC

Package python-iwlib-1.2-1.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing python-iwlib-1.2-1.fc17'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-4887/python-iwlib-1.2-1.fc17
then log in and leave karma (feedback).

Comment 4 Fedora Update System 2012-04-18 22:56:29 UTC

python-iwlib-1.2-1.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.