chore(iast): avoid exception when no relevant frame is found [2.21] (#13348)

smola · web-flow · commit 55d531ad5c0d · 2025-05-13T11:20:57.000+02:00
diff --git a/ddtrace/appsec/_iast/_stacktrace.c b/ddtrace/appsec/_iast/_stacktrace.c
@@ -157,8 +157,6 @@ _get_result_tuple(PyFrameObject* frame)
     PyObject* result = NULL;
     PyObject* filename_o = NULL;
     PyObject* line_o = NULL;
-    PyObject* funcname_o = NULL;
-    PyObject* classname_o = NULL;
 
     filename_o = GET_FILENAME(frame);
     if (!filename_o) {
@@ -227,6 +225,9 @@ get_file_and_line(PyObject* Py_UNUSED(module), PyObject* Py_UNUSED(args))
 
 exit:
     FRAME_XDECREF(frame);
+    if (!result) {
+        result = PyTuple_Pack(2, Py_None, Py_None);
+    }
     return result;
 }
 
diff --git a/ddtrace/appsec/_iast/taint_sinks/_base.py b/ddtrace/appsec/_iast/taint_sinks/_base.py
@@ -129,6 +129,8 @@ def report(cls, evidence_value: Text = "", dialect: Optional[Text] = None) -> No
                     return None
 
                 file_name, line_number = frame_info
+                if not file_name:
+                    return
 
                 file_name = cls._rel_path(file_name)
                 if not file_name:
diff --git a/tests/appsec/iast/test_stacktrace.py b/tests/appsec/iast/test_stacktrace.py
@@ -0,0 +1,40 @@
+#!/usr/bin/env python3
+
+import sys
+
+import pytest
+
+from ddtrace.appsec._iast._stacktrace import get_info_frame
+
+
+def test_stacktrace():
+    file, line = get_info_frame()
+    import traceback
+
+    traceback.print_stack()
+    assert file is not None
+    assert file.endswith("test_stacktrace.py")
+    assert line is not None
+
+
+async def test_stacktrace_async():
+    async def _inner():
+        return get_info_frame()
+
+    file, line = await _inner()
+    assert file is not None
+    assert file.endswith("test_stacktrace.py")
+    assert line is not None
+
+
+@pytest.mark.skipif(sys.version_info < (3, 9, 0), reason="Test compatible with Python 3.9+")
+async def test_stacktrace_async_no_relevant_frame():
+    """
+    In the absence of any non-ddtrace and non-stdlib frame in the stacktrace, no frame is returned.
+    (And no exception is raised).
+    """
+    import asyncio
+
+    file, line = await asyncio.to_thread(get_info_frame)
+    assert file is None
+    assert line is None
