Details
P3: Somewhat important Description
In sbkmodule.cpp, line 472, the original _import_ function is fetched from the builtins dict without incrementing the reference count.
If later the _import_ function in the builtins is replaced then the one held here will be destroyed leaving an invalid function object, which will cause a crash on the next import.
A Py_INCREF should follow PyDict_GetItemString, since that returns a borrowed reference:
static PyObject *origImportFunc{}; .. static PyObject *lazy_import() ... origImportFunc = PyDict_GetItemString(builtins, "__import__"); Py_INCREF(origImportFunc) // This is missing around line 473
It looks like this bug was introduced in commit 7accf7c3042e3f0680fa0615a0f13b54d28a0efd "LazyInit: Implement Lazy Initialization by Delayed Module Entries" https://codereview.qt-project.org/c/pyside/pyside-setup/+/539467
Attachments
Issue Links
- relates to
-
PYSIDE-2404 Create an On-Demand Initializer for PySide
-
- Open
-
| For Gerrit Dashboard: PYSIDE-2780 | ||||||
|---|---|---|---|---|---|---|
| # | Subject | Branch | Project | Status | CR | V |
| 567208,2 | Shiboken: Fix a potential refcounting bug in Lazy Init | dev | pyside/pyside-setup | Status: MERGED | +2 | 0 |
| 567287,2 | Shiboken: Fix a potential refcounting bug in Lazy Init | 6.7 | pyside/pyside-setup | Status: MERGED | +2 | 0 |
| 567496,2 | Shiboken: Fix a potential refcounting bug in Lazy Init | 6.7.2 | pyside/pyside-setup | Status: MERGED | +2 | 0 |
| 567501,2 | Shiboken: Fix a potential refcounting bug in Lazy Init | tqtc/6.7.2 | pyside/tqtc-pyside-setup | Status: MERGED | +2 | 0 |