On Sun, Feb 20, 2011 at 06:06:30PM +0000, Daniele Varrazzo wrote:
> On Sun, Feb 20, 2011 at 4:47 PM, Brian Sutherland
> <brian@vanguardistas.net> wrote:
> > Hi,
> >
> > I recently found a few places in the latest beta release where a NULL
> > dereference could occur when insufficient memory is available.
> >
> > For example in connection_type.c:
> >
> > 830 self->dsn = strdup(dsn);
> > ...
> > 855 pos = strstr(self->dsn, "password");
> >
> > strdup could return a NULL.
> >
> > Admittedly this is probably a minor bug, but would it interest anyone if
> > I report these somewhere?
>
> Thank you for the review.
Actually, thanks to monoidics for letting me try out their INFER static
code checker.
> Having patches would be even better, but I
> will take care of this one.
Great!
Attached is a patch for another issue, though I'm not sure if calling
PyErr_NoMemory within libpq is sane.
To tell if the other issues INFER raises are bugs would require a much
deeper insight into the psycopg2 code than I have.
--
Brian Sutherland