A code review of the protobuf upb Python C extension

Daniel

Mar 26, 2026, 5:44:34 PM
to Protocol Buffers
Hi,

I've run a tool I'm developing against upb and found some interesting results. The summary is:

The analysis uncovered a memory corruption bug, systematic missing NULL checks after `PyType_GenericAlloc` (15+ sites), 9 unguarded `PyErr_Clear()` calls that swallow `MemoryError`, reference leaks at every module load, double-free bugs in descriptor container error paths, and 9 C/Python parity gaps.

Would you like me to post a link to the report here? Or should I send it to someone on the team? Or open an issue with a link to the report?

Daniel

Em Rauch

Mar 26, 2026, 5:49:46 PM
to Daniel, Protocol Buffers
I think for the types of issues listed, a report at https://github.com/protocolbuffers/protobuf/issues would be appreciated.

If you believe you have found a security concern (for example if the memory corruption you mentioned is reachable from just a binary wire format parse), please send that to https://bughunters.google.com/report 

Thanks!


At We

Mar 30, 2026, 11:14:43 AM
to Daniel, Protocol Buffers
Thank you. This is the first I received anything from the team, but yes, send it please.
