python · picnixz · Jul 12, 2025 · Mar 29, 2025 · Apr 10, 2025 · May 17, 2025
diff --git a/Lib/test/test_bytes.py b/Lib/test/test_bytes.py
@@ -1889,6 +1889,41 @@ def __index__(self):
             with self.assertRaises(IndexError):
                 self._testlimitedcapi.sequence_setitem(b, 0, Boom())
 
+        class BoomContinued:
+            def __index__(self):
+                nonlocal new_ba
+                # Clear the original bytearray, mutating it during index assignment.
+                # If the internal buffers are held over this operation, they become dangling
+                # However, this will fail a bounds check as above (as the clear sets bounds to zero)
+                ba.clear()
+                # At this moment, the bytearray potentially has a dangling pointer
+                # Create a new bytearray to catch any writes
+                new_ba = bytearray(0x180)
+                # Ensure bounds check passes
+                ba.extend([0] * 0x180)
+                return 0
+
+        with self.subTest("skip_bounds_safety"):
+            new_ba: bytearray
+            ba = bytearray(0x180)
+            ba[BoomContinued()] = ord("?")
+            self.assertEqual(ba[0], ord("?"), "Assigned bytearray not altered")
+            self.assertEqual(new_ba, bytearray(0x180), "Wrong object altered")
+
+        with self.subTest("skip_bounds_safety_capi"):
+            new_ba: bytearray
+            ba = bytearray(0x180)
+            self._testlimitedcapi.sequence_setitem(ba, BoomContinued(), ord("?"))
+            self.assertEqual(ba[0], ord("?"), "Assigned bytearray not altered")
+            self.assertEqual(new_ba, bytearray(0x180), "Wrong object altered")
+
+        with self.subTest("skip_bounds_safety_slice"):
+            new_ba: bytearray
+            ba = bytearray(0x180)
+            ba[BoomContinued():1] = [ord("?")]
+            self.assertEqual(ba[0], ord("?"), "Assigned bytearray not altered")
+            self.assertEqual(new_ba, bytearray(0x180), "Wrong object altered")
+
 
 class AssortedBytesTest(unittest.TestCase):
     #

diff --git a/Objects/bytearrayobject.c b/Objects/bytearrayobject.c
@@ -709,7 +709,8 @@ bytearray_ass_subscript_lock_held(PyObject *op, PyObject *index, PyObject *value
     _Py_CRITICAL_SECTION_ASSERT_OBJECT_LOCKED(op);
     PyByteArrayObject *self = _PyByteArray_CAST(op);
     Py_ssize_t start, stop, step, slicelen;
-    char *buf = PyByteArray_AS_STRING(self);
+    // GH-91153: we cannot store a reference to the internal buffer here, as _getbytevalue might call into python code
+    // that could then invalidate it.
 
     if (_PyIndex_Check(index)) {
         Py_ssize_t i = PyNumber_AsSsize_t(index, PyExc_IndexError);
@@ -744,7 +745,7 @@ bytearray_ass_subscript_lock_held(PyObject *op, PyObject *index, PyObject *value
         }
         else {
             assert(0 <= ival && ival < 256);
-            buf[i] = (char)ival;
+            PyByteArray_AS_STRING(self)[i] = (char)ival;
             return 0;
         }
     }
@@ -805,6 +806,7 @@ bytearray_ass_subscript_lock_held(PyObject *op, PyObject *index, PyObject *value
             /* Delete slice */
             size_t cur;
             Py_ssize_t i;
+            char* buf = PyByteArray_AS_STRING(self);
 
             if (!_canresize(self))
                 return -1;
@@ -845,6 +847,7 @@ bytearray_ass_subscript_lock_held(PyObject *op, PyObject *index, PyObject *value
             /* Assign slice */
             Py_ssize_t i;
             size_t cur;
+            char* buf = PyByteArray_AS_STRING(self);
 
             if (needed != slicelen) {
                 PyErr_Format(PyExc_ValueError,