Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 42c2b22

Browse filesBrowse files
methanemethane
committed
Merge pull request PyMySQL#85 from methane/fix/ssl-dangling-pointer
Fix accessing buffer of decrefed string
2 parents 9657ee0 + 012e91a commit 42c2b22
Copy full SHA for 42c2b22

File tree

Expand file treeCollapse file tree

1 file changed

+20
-8
lines changed
Filter options
Expand file treeCollapse file tree

1 file changed

+20
-8
lines changed

‎_mysql.c

Copy file name to clipboardExpand all lines: _mysql.c
+20-8Lines changed: 20 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -530,10 +530,12 @@ _mysql_ConnectionObject_Initialize(
530530
PyObject *ssl = NULL;
531531
#if HAVE_OPENSSL
532532
char *key = NULL, *cert = NULL, *ca = NULL,
533-
*capath = NULL, *cipher = NULL;
533+
*capath = NULL, *cipher = NULL;
534+
PyObject *ssl_keepref[5] = {};
535+
int n_ssl_keepref = 0;
534536
#endif
535537
char *host = NULL, *user = NULL, *passwd = NULL,
536-
*db = NULL, *unix_socket = NULL;
538+
*db = NULL, *unix_socket = NULL;
537539
unsigned int port = 0;
538540
unsigned int client_flag = 0;
539541
static char *kwlist[] = { "host", "user", "passwd", "db", "port",
@@ -586,11 +588,11 @@ _mysql_ConnectionObject_Initialize(
586588

587589
#ifdef IS_PY3K
588590
#define _stringsuck(d,t,s) {t=PyMapping_GetItemString(s,#d);\
589-
if(t){d=PyUnicode_AsUTF8(t);Py_DECREF(t);}\
591+
if(t){d=PyUnicode_AsUTF8(t);ssl_keepref[n_ssl_keepref++]=t;}\
590592
PyErr_Clear();}
591593
#else
592594
#define _stringsuck(d,t,s) {t=PyMapping_GetItemString(s,#d);\
593-
if(t){d=PyString_AsString(t);Py_DECREF(t);}\
595+
if(t){d=PyString_AsString(t);ssl_keepref[n_ssl_keepref++]=t;}\
594596
PyErr_Clear();}
595597
#endif
596598

@@ -645,22 +647,32 @@ _mysql_ConnectionObject_Initialize(
645647
mysql_options(&(self->connection), MYSQL_OPT_LOCAL_INFILE, (char *) &local_infile);
646648

647649
#if HAVE_OPENSSL
648-
if (ssl)
649-
mysql_ssl_set(&(self->connection),
650-
key, cert, ca, capath, cipher);
650+
if (ssl) {
651+
mysql_ssl_set(&(self->connection), key, cert, ca, capath, cipher);
652+
}
651653
#endif
652654

653655
conn = mysql_real_connect(&(self->connection), host, user, passwd, db,
654656
port, unix_socket, client_flag);
655657

656658
Py_END_ALLOW_THREADS ;
657659

660+
#if HAVE_OPENSSL
661+
if (ssl) {
662+
int i;
663+
for (i=0; i<n_ssl_keepref; i++) {
664+
Py_DECREF(ssl_keepref[i]);
665+
ssl_keepref[i] = NULL;
666+
}
667+
}
668+
#endif
669+
658670
if (!conn) {
659671
_mysql_Exception(self);
660672
return -1;
661673
}
662674

663-
/* Internal references to python-land objects */
675+
/* Internal references to python-land objects */
664676
if (!conv)
665677
conv = PyDict_New();
666678
else

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.