From 841b20c39cfd53bd7097d2e3f81fd36f8135cc75 Mon Sep 17 00:00:00 2001
From: Pino Toscano <ptoscano@redhat.com>
Date: Tue, 12 Aug 2014 10:16:18 +0200
Subject: [PATCH] python: fix possible free on uninit memory with OStringList
 optargs

When using optional arguments of type OStringList, the code free'ing
the member in the optargs_s struct corresponding to that optional
argument would just check for a non-PyNone PyObject for that argument.
If before that optional argument there are other arguments which can
cause an earlier error return from that binding function, the free'ing
code will then act on garbage values.

Enhance the check by also checking whether the optargs struct has the
bitmask with the element for that argument, meaning that the
corresponding struct member was initialized.
---
 generator/python.ml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/generator/python.ml b/generator/python.ml
index 72bc8a0d5..07e87d285 100644
--- a/generator/python.ml
+++ b/generator/python.ml
@@ -511,7 +511,9 @@ put_table (char * const * const argv)
         function
         | OBool _ | OInt _ | OInt64 _ | OString _ -> ()
         | OStringList n ->
-          pr "  if (py_%s != Py_None)\n" n;
+          let uc_n = String.uppercase n in
+          pr "  if (py_%s != Py_None && (optargs_s.bitmask & %s_%s_BITMASK) != 0)\n"
+            n c_optarg_prefix uc_n;
           pr "    free ((char **) optargs_s.%s);\n" n
       ) optargs;