1. memory leak: ob_refcnt of '*s' is 1 too high

    Report

    1
    static PyObject *
    _mysql_string_literal(
    _mysql_ConnectionObject *self,
    PyObject *args)
    {
    PyObject *str, *s, *o, *d;
    char *in, *out;
    int len, size, isbytes;
    if (!PyArg_ParseTuple(args, "O|O:string_literal", &o, &d)) return NULL;
    // TODO: Would be better to *only* accept bytes here.
    isbytes = PyBytes_Check(o);
    if (isbytes) {
    s = o;
    } else if (PyUnicode_Check(o)) {
    s = PyUnicode_AsEncodedString(o, "UTF-8", "strict");
    } else {
    s = PyObject_Bytes(o);
    }
    if (!s) return NULL;
    in = PyBytes_AS_STRING(s);
    size = PyBytes_GET_SIZE(s);
    str = PyBytes_FromStringAndSize((char *) NULL, size*2+3);
    if (!str) return PyErr_NoMemory();
    out = PyBytes_AS_STRING(str);
    #if MYSQL_VERSION_ID < 32321
    len = mysql_escape_string(out+1, in, size);
    #else
    len = mysql_real_escape_string(utf8conn, out+1, in, size);
    #endif
    *out = *(out+len+1) = '\'';
    if (_PyBytes_Resize(&str, len+2) < 0) return NULL;
    if (!isbytes) {
    Py_DECREF(s);
    }
    return (str);
    }

    1. was expecting final owned ob_refcnt of '*s' to be 0 since nothing references it but final ob_refcnt is refs: 1 owned

      found 3 similar trace(s) to this

    2. when PyArg_ParseTuple() succeeds

      taking False path

    3. when treating unknown struct _typeobject * from _mysql.c:1117 as non-NULL

      when considering value == (long int)0 from _mysql.c:1117

    4. taking False path

    5. when treating unknown struct _typeobject * from _mysql.c:1120 as non-NULL

      when considering value == (long int)0 from _mysql.c:1120

      taking False path

    6. when PyObject_Str() succeeds

      '*s' was allocated at: s = PyObject_Bytes(o);

    7. taking False path

    8. when PyString_FromStringAndSize() succeeds

    9. taking False path

    10. when treating unknown char * from _mysql.c:1137 as non-NULL

    11. when considering range: -0x80000000 <= value <= -1

      taking True path

  2. memory leak: ob_refcnt of '*str.35' is 1 too high

    Report

    2
    static PyObject *
    _mysql_string_literal(
    _mysql_ConnectionObject *self,
    PyObject *args)
    {
    PyObject *str, *s, *o, *d;
    char *in, *out;
    int len, size, isbytes;
    if (!PyArg_ParseTuple(args, "O|O:string_literal", &o, &d)) return NULL;
    // TODO: Would be better to *only* accept bytes here.
    isbytes = PyBytes_Check(o);
    if (isbytes) {
    s = o;
    } else if (PyUnicode_Check(o)) {
    s = PyUnicode_AsEncodedString(o, "UTF-8", "strict");
    } else {
    s = PyObject_Bytes(o);
    }
    if (!s) return NULL;
    in = PyBytes_AS_STRING(s);
    size = PyBytes_GET_SIZE(s);
    str = PyBytes_FromStringAndSize((char *) NULL, size*2+3);
    if (!str) return PyErr_NoMemory();
    out = PyBytes_AS_STRING(str);
    #if MYSQL_VERSION_ID < 32321
    len = mysql_escape_string(out+1, in, size);
    #else
    len = mysql_real_escape_string(utf8conn, out+1, in, size);
    #endif
    *out = *(out+len+1) = '\'';
    if (_PyBytes_Resize(&str, len+2) < 0) return NULL;
    if (!isbytes) {
    Py_DECREF(s);
    }
    return (str);
    }

    1. was expecting final owned ob_refcnt of '*str.35' to be 0 since nothing references it but final ob_refcnt is refs: 1 owned

      found 7 similar trace(s) to this

    2. when PyArg_ParseTuple() succeeds

      taking False path

    3. when treating unknown struct _typeobject * from _mysql.c:1117 as non-NULL

      when considering value == (long int)0 from _mysql.c:1117

    4. taking False path

    5. when treating unknown struct _typeobject * from _mysql.c:1120 as non-NULL

      when considering value == (long int)0 from _mysql.c:1120

      taking False path

    6. when PyObject_Str() succeeds

    7. taking False path

    8. when PyString_FromStringAndSize() succeeds

      '*str.35' was allocated at: str = PyBytes_FromStringAndSize((char *) NULL, size*2+3);

    9. taking False path

    10. when treating unknown char * from _mysql.c:1137 as non-NULL

    11. when considering range: -0x80000000 <= value <= -1

      taking True path

  3. returning (PyObject*)NULL without setting an exception

    Report

    3
    static PyObject *
    _mysql_string_literal(
    _mysql_ConnectionObject *self,
    PyObject *args)
    {
    PyObject *str, *s, *o, *d;
    char *in, *out;
    int len, size, isbytes;
    if (!PyArg_ParseTuple(args, "O|O:string_literal", &o, &d)) return NULL;
    // TODO: Would be better to *only* accept bytes here.
    isbytes = PyBytes_Check(o);
    if (isbytes) {
    s = o;
    } else if (PyUnicode_Check(o)) {
    s = PyUnicode_AsEncodedString(o, "UTF-8", "strict");
    } else {
    s = PyObject_Bytes(o);
    }
    if (!s) return NULL;
    in = PyBytes_AS_STRING(s);
    size = PyBytes_GET_SIZE(s);
    str = PyBytes_FromStringAndSize((char *) NULL, size*2+3);
    if (!str) return PyErr_NoMemory();
    out = PyBytes_AS_STRING(str);
    #if MYSQL_VERSION_ID < 32321
    len = mysql_escape_string(out+1, in, size);
    #else
    len = mysql_real_escape_string(utf8conn, out+1, in, size);
    #endif
    *out = *(out+len+1) = '\'';
    if (_PyBytes_Resize(&str, len+2) < 0) return NULL;
    if (!isbytes) {
    Py_DECREF(s);
    }
    return (str);
    }

    1. found 2 similar trace(s) to this

    2. when PyArg_ParseTuple() succeeds

      taking False path

    3. when treating unknown struct _typeobject * from _mysql.c:1117 as non-NULL

      when considering value == (long int)0 from _mysql.c:1117

    4. taking False path

    5. when treating unknown struct _typeobject * from _mysql.c:1120 as non-NULL

      when considering value == (long int)0 from _mysql.c:1120

      taking False path

    6. when PyObject_Str() succeeds

    7. taking False path

    8. when PyString_FromStringAndSize() succeeds

    9. taking False path

    10. when treating unknown char * from _mysql.c:1137 as non-NULL

    11. when considering range: -0x80000000 <= value <= -1

      taking True path