I found a crasher. Calling _stackless._wrap.frame.__setstate__() (C-function frame_setstate()) with invalid arguments leads to a NULL pointer access later on.
frame_setstate() clears f->f_globals and later sets f->f_globals to a new value. If frame_setstate() fails between this points, f->f_globals is NULL and this is not expected by frame_dealloc(). The fix is trivial.
akruis
commented
3 years ago
I found a crasher. Calling
_stackless._wrap.frame.__setstate__()(C-function frame_setstate()) with invalid arguments leads to a NULL pointer access later on.frame_setstate() clears f->f_globals and later sets f->f_globals to a new value. If frame_setstate() fails between this points, f->f_globals is NULL and this is not expected by frame_dealloc(). The fix is trivial.