[Python-checkins] CVS: python/dist/src/Objects abstract.c,2.94,2.95 object.c,2.162,2.163

Guido van Rossum gvanrossum@users.sourceforge.net
Fri, 01 Mar 2002 14:23:55 -0800 

Update of /cvsroot/python/python/dist/src/Objects
In directory usw-pr-cvs1:/tmp/cvs-serv29045

Modified Files:
	abstract.c object.c 
Log Message:
SF patch 514641 (Naofumi Honda) - Negative ob_size of LongObjects

Due to the bizarre definition of _PyLong_Copy(), creating an instance
of a subclass of long with a negative value could cause core dumps
later on.  Unfortunately it looks like the behavior of _PyLong_Copy()
is quite intentional, so the fix is more work than feels comfortable.

This fix is almost, but not quite, the code that Naofumi Honda added;
in addition, I added a test case.



Index: abstract.c
===================================================================
RCS file: /cvsroot/python/python/dist/src/Objects/abstract.c,v
retrieving revision 2.94
retrieving revision 2.95
diff -C2 -d -r2.94 -r2.95
*** abstract.c	5 Jan 2002 10:50:30 -0000	2.94
--- abstract.c	1 Mar 2002 22:23:53 -0000	2.95
***************
*** 934,939 ****
  		return o;
  	}
! 	if (PyLong_Check(o))
! 		return _PyLong_Copy((PyLongObject *)o);
  	if (PyString_Check(o))
  		/* need to do extra error checking that PyLong_FromString() 
--- 934,947 ----
  		return o;
  	}
! 	if (PyLong_Check(o)) {
! 		PyObject *res;
! 
! 		res = _PyLong_Copy((PyLongObject *)o);
! 		if (res != NULL)
! 			((PyLongObject *)res)->ob_size =
! 				((PyLongObject *)o)->ob_size;
! 
! 		return res;
! 	}
  	if (PyString_Check(o))
  		/* need to do extra error checking that PyLong_FromString() 

Index: object.c
===================================================================
RCS file: /cvsroot/python/python/dist/src/Objects/object.c,v
retrieving revision 2.162
retrieving revision 2.163
diff -C2 -d -r2.162 -r2.163
*** object.c	4 Dec 2001 15:54:53 -0000	2.162
--- object.c	1 Mar 2002 22:23:53 -0000	2.163
***************
*** 1192,1197 ****
  		return NULL;
  	if (dictoffset < 0) {
! 		const size_t size = _PyObject_VAR_SIZE(tp,
! 					((PyVarObject *)obj)->ob_size);
  		dictoffset += (long)size;
  		assert(dictoffset > 0);
--- 1192,1203 ----
  		return NULL;
  	if (dictoffset < 0) {
! 		int tsize;
! 		size_t size;
! 
! 		tsize = ((PyVarObject *)obj)->ob_size;
! 		if (tsize < 0)
! 			tsize = -tsize;
! 		size = _PyObject_VAR_SIZE(tp, tsize);
! 
  		dictoffset += (long)size;
  		assert(dictoffset > 0);