From b33104ebe04b193945f999cd920bd0f5ecc9b536 Mon Sep 17 00:00:00 2001
From: Vincent Thiberville <vthib@pm.me>
Date: Sun, 9 Mar 2025 01:40:27 +0100
Subject: [PATCH] fix: check key type in externals dict

The type of the key for the externals dict in both the compile and the
match function was not checked. Providing a dict with non string keys
leads to a segfault.
---
 yara-python.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/yara-python.c b/yara-python.c
index 83c22c9..31794e2 100644
--- a/yara-python.c
+++ b/yara-python.c
@@ -1522,6 +1522,13 @@ int process_compile_externals(
 
   while (PyDict_Next(externals, &pos, &key, &value))
   {
+    if (!PY_STRING_CHECK(key)) {
+      PyErr_Format(
+          PyExc_TypeError,
+          "keys of externals dict must be strings");
+
+      return ERROR_INVALID_ARGUMENT;
+    }
     identifier = PY_STRING_TO_C(key);
 
     if (PyBool_Check(value))
@@ -1592,6 +1599,13 @@ int process_match_externals(
 
   while (PyDict_Next(externals, &pos, &key, &value))
   {
+    if (!PY_STRING_CHECK(key)) {
+      PyErr_Format(
+          PyExc_TypeError,
+          "keys of externals dict must be strings");
+
+      return ERROR_INVALID_ARGUMENT;
+    }
     identifier = PY_STRING_TO_C(key);
 
     if (PyBool_Check(value))