Make PyArray::from_(exact_)iter sound by avoiding to free uninitialized memory if the iterator panics.

adamreichold · adamreichold · commit f5fe2badd473 · 2021-11-07T13:16:10.000+01:00
diff --git a/src/array.rs b/src/array.rs
@@ -776,7 +776,14 @@ impl<T: Element> PyArray<T, Ix1> {
     /// });
     /// ```
     pub fn from_exact_iter(py: Python<'_>, iter: impl ExactSizeIterator<Item = T>) -> &Self {
-        let array = Self::new(py, [iter.len()], false);
+        // Use zero-initialized pointers for object arrays
+        // so that partially initialized arrays can be dropped safely
+        // in case the iterator implementation panics.
+        let array = if T::DATA_TYPE == DataType::Object {
+            Self::zeros(py, [iter.len()], false)
+        } else {
+            Self::new(py, [iter.len()], false)
+        };
         unsafe {
             for (i, item) in iter.enumerate() {
                 *array.uget_mut([i]) = item;
@@ -804,7 +811,14 @@ impl<T: Element> PyArray<T, Ix1> {
         let iter = iter.into_iter();
         let (min_len, max_len) = iter.size_hint();
         let mut capacity = max_len.unwrap_or_else(|| min_len.max(512 / mem::size_of::<T>()));
-        let array = Self::new(py, [capacity], false);
+        // Use zero-initialized pointers for object arrays
+        // so that partially initialized arrays can be dropped safely
+        // in case the iterator implementation panics.
+        let array = if T::DATA_TYPE == DataType::Object {
+            Self::zeros(py, [capacity], false)
+        } else {
+            Self::new(py, [capacity], false)
+        };
         let mut length = 0;
         unsafe {
             for (i, item) in iter.enumerate() {
