Skip to content

bpo-33632: Avoid signed integer overflow in the _thread module #12729

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

bpo-33632: Avoid signed integer overflow in the _thread module #12729

wants to merge 1 commit into from

Conversation

ZackerySpytz
Copy link
Contributor

@ZackerySpytz ZackerySpytz commented Apr 8, 2019
edited by bedevere-bot
Loading

@ZackerySpytz @vadmium
bpo-33632: Avoid signed integer overflow in the _thread module
e1eb0b4 
Co-Authored-By: Martin Panter <vadmium+py@gmail.com>
@pganssle
Copy link
Member

pganssle commented Apr 8, 2019

@ZackerySpytz The approach looks good to me, but I think it would be good to add a test here.

Is timeout something a user can specify? If timeout + now overflows, does it actually raise an error, or does it just set endtime to a negative number, causing this to time out immediately?

I also think it might be worth adding some of the details of exactly what user-facing behaviors will change with this patch to the changelog. "Avoid signed integer overflow" doesn't mean too much to me, out of context, and the BPO report is not much more detailed.

vstinner
vstinner reviewed Apr 15, 2019
View reviewed changes
Modules/_threadmodule.c
r = PY_LOCK_FAILURE;
}
else {
timeout -= elapsed;
starttime += elapsed;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure that this part is really needed. I would prefer to leave starttime and timeout unchanged.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you, @vstinner, for your review.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The original code also updates timeout every time it is interrupted. If you don’t adjust the timeout, I think the overall timeout could be too long. I expect you would be able to test this by installing a Python signal handler and sending signals while acquire or whatever method is running.

Perhaps you would prefer to calculate (overall) timeout − (overall) elapsed and pass that to PyThread_acquire_lock_timed.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

starttime += elapsed will cause starttime overflow. Because starttime is closer to _PyTime_GetMonotonicClock() + timeout by accumulating, and _PyTime_GetMonotonicClock() + timeout may overflow.

I think the else block is not needed.

@vadmium
Copy link
Member

vadmium commented Apr 20, 2019

To clarify the changelog, you could say it is a timeout value that causes the overflow, and figure out what APIs are affected. I suspect some acquire method(s) of lock object(s), such as threading.Lock.acquire, but someone with an up-to-date copy of the code should confirm.

@csabella
Copy link
Contributor

@ZackerySpytz, please take a look at the code review comments. Thanks!

@hongweipeng
Copy link
Contributor

@ZackerySpytz Are you interested in continuing to work on this PR?

@iritkatriel
Copy link
Member

This was fixed in #28674, as mentioned on the bpo.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vstinner vstinner vstinner left review comments

@vadmium vadmium vadmium left review comments

@hongweipeng hongweipeng hongweipeng left review comments

Assignees
No one assigned
Labels
awaiting review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@ZackerySpytz @pganssle @vadmium @csabella @hongweipeng @iritkatriel @vstinner @the-knights-who-say-ni @bedevere-bot