Plan 9 from Bell Labs’s /usr/web/sources/contrib/jas/root/sys/lib/python2.7/test/crashers/gc_has_finalizer.py

Copyright © 2021 Plan 9 Foundation.
Distributed under the MIT License.
Download the Plan 9 distribution.


"""
The gc module can still invoke arbitrary Python code and crash.
This is an attack against _PyInstance_Lookup(), which is documented
as follows:

    The point of this routine is that it never calls arbitrary Python
    code, so is always "safe":  all it does is dict lookups.

But of course dict lookups can call arbitrary Python code.
The following code causes mutation of the object graph during
the call to has_finalizer() in gcmodule.c, and that might
segfault.
"""

import gc


class A:
    def __hash__(self):
        return hash("__del__")
    def __eq__(self, other):
        del self.other
        return False

a = A()
b = A()

a.__dict__[b] = 'A'

a.other = b
b.other = a

gc.collect()
del a, b

gc.collect()

Bell Labs OSI certified Powered by Plan 9

(Return to Plan 9 Home Page)

Copyright © 2021 Plan 9 Foundation. All Rights Reserved.
Comments to [email protected].