CVE-2026-6100:

Fix a dangling input pointer in :class:`lzma.LZMADecompressor`,
:class:`bz2.BZ2Decompressor`, and internal :class:`!zlib._ZlibDecompressor`
when memory allocation fails with :exc:`MemoryError`, which could let a
subsequent :meth:`!decompress` call read or write through a stale pointer to
the already-released caller buffer.

https://github.com/python/cpython/pull/148479

Index: Modules/zlibmodule.c
--- Modules/zlibmodule.c.orig
+++ Modules/zlibmodule.c
@@ -1675,6 +1675,7 @@ decompress(ZlibDecompressor *self, uint8_t *data,
     return result;
 
 error:
+    self->zst.next_in = NULL;
     Py_XDECREF(result);
     return NULL;
 }
