devdanzin/genericalias_null_derefs.md

Created March 18, 2026 10:06

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Select an option

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/devdanzin/266ca45099796a2373866a07447d5ebf.js"></script>
Save devdanzin/266ca45099796a2373866a07447d5ebf to your computer and use it in GitHub Desktop.

Download ZIP

genericaliasobject.c: Two NULL dereference bugs

Raw

genericalias_null_derefs.md

genericaliasobject.c: Two NULL dereference bugs

Summary

ga_vectorcall (line 653): PyVectorcall_Function(alias->origin) can return NULL, immediately called as function pointer → segfault.
_Py_make_parameters (line 243-245): After _PyTuple_Resize fails, parameters is NULL but Py_DECREF(parameters) is called → crash.

Fix

Add NULL check and fallback to PyObject_Vectorcall.
Change Py_DECREF(parameters) to Py_XDECREF(parameters) at line 245.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment