[Libguestfs] [hivex] Segfault for an integer value to node_set_value

Hilko Bengen bengen at hilluzination.de
Tue Aug 5 18:58:06 UTC 2014


* Peter Wu:

> When an integer argument is passed as value, node_set_value
> segfaults. Reproducer is at the end of this message.

Uh-oh. It looks like the handling of values is broken for non-string
cases.

    bytes = PyUnicode_AsUTF8String (obj);

with obj derived from the numeric 1234 causes bytes to be set to null.
A line of error handling code tells us why:

    TypeError: bad argument type for built-in operation

For Python2, ret->len is set to a value that is too large for size_t,
and thus malloc(), so Python crashes with...

    RuntimeError: Cannot allocate memory

I am looking at fixing this.

Cheers,
-Hilko
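
The NULL return described above can be observed from Python itself. This is an added example, not part of the original message or the hivex source: it calls the real PyUnicode_AsUTF8String through ctypes (CPython 3 assumed) and shows which inputs come back as NULL. The helper names c_api_result and value_as_bytes are hypothetical.

```python
import ctypes

# CPython's real C API function, reached through ctypes (CPython 3 assumed).
_as_utf8 = ctypes.pythonapi.PyUnicode_AsUTF8String
_as_utf8.argtypes = [ctypes.py_object]
_as_utf8.restype = ctypes.py_object


def c_api_result(obj):
    """Report what C code calling PyUnicode_AsUTF8String(obj) would get back.

    ctypes turns "NULL returned with an exception set" into a raised
    exception, so an exception here corresponds to bytes == NULL in C.
    """
    try:
        return ("bytes", _as_utf8(obj))
    except Exception as exc:
        return ("NULL", type(exc).__name__, str(exc))


def value_as_bytes(obj):
    """Hypothetical guard: accept only str or bytes, never let NULL through."""
    if isinstance(obj, bytes):
        return obj
    if isinstance(obj, str):
        kind, *rest = c_api_result(obj)
        if kind == "bytes":
            return rest[0]
        raise ValueError("cannot encode value as UTF-8: " + rest[1])
    raise TypeError("value must be str or bytes, not " + type(obj).__name__)


if __name__ == "__main__":
    # Constructed inputs: the integer from the report plus other failing cases.
    for sample in ("abc", "h\u00e9", 1234, b"raw", "\ud800"):
        print(repr(sample), "->", c_api_result(sample))
```

A bytes object and a str holding a lone surrogate also produce NULL, so a type check alone is not sufficient in the C binding: the return value has to be tested before it is dereferenced.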



