ceval.c: `positional_only_passed_as_keyword` can be failed with segfault

[Eclips4]

cpython/Python/ceval.c

Lines 1251 to 1285 in 4d8959b

	static int
	positional_only_passed_as_keyword(PyThreadState *tstate, PyCodeObject *co,
	Py_ssize_t kwcount, PyObject* kwnames,
	PyObject *qualname)
	{
	int posonly_conflicts = 0;
	PyObject* posonly_names = PyList_New(0);
	for(int k=0; k < co->co_posonlyargcount; k++){
	PyObject* posonly_name = PyTuple_GET_ITEM(co->co_localsplusnames, k);
	for (int k2=0; k2<kwcount; k2++){
	/* Compare the pointers first and fallback to PyObject_RichCompareBool*/
	PyObject* kwname = PyTuple_GET_ITEM(kwnames, k2);
	if (kwname == posonly_name){
	if(PyList_Append(posonly_names, kwname) != 0) {
	goto fail;
	}
	posonly_conflicts++;
	continue;
	}
	int cmp = PyObject_RichCompareBool(posonly_name, kwname, Py_EQ);
	if ( cmp > 0) {
	if(PyList_Append(posonly_names, kwname) != 0) {
	goto fail;
	}
	posonly_conflicts++;
	} else if (cmp < 0) {
	goto fail;
	}
	}
	}

This implemention doesn't take in account case when PyList_New returns NULL.
If PyList_New(0) returns a NULL, PyList_Append will be failed with segfault, cause of Py_TYPE, which will try to reach out ob_type. of (PyObject *) NULL.
This hard to reproduce, because the only way PyList_New can error, if it is runs out of memory, but theoretically it can happen.

Linked PRs

• gh-101967: add a missing error check #101968
• [3.10] gh-101967: add a missing error check (GH-101968) #102016
• [3.11] gh-101967: add a missing error check (GH-101968) #102015
• [3.9] gh-101967: add a missing error check (GH-101968) #114738