[issue4751] Patch for better thread support in hashlib
STINNER Victor
report at bugs.python.org
Fri Dec 26 23:32:37 CET 2008
STINNER Victor <victor.stinner at haypocalc.com> added the comment:
If view.len is negative, EVP_hash() may read invalid memory :-/ Be
careful of integer overflow in this block:
Py_ssize_t offset = 0, sublen = len;
while (sublen) {
unsigned int process = sublen > MUNCH_SIZE ? MUNCH_SIZE :
sublen;
...
}
You removed Py_SAFE_DOWNCAST(len, Py_ssize_t, unsigned int) which
should be used (eg. on process?).
Note: you might modify len directly instead of using a second variable
(sublen), and cp instead of using an offset.
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue4751>
_______________________________________
More information about the Python-bugs-list
mailing list