[Python-checkins] cpython (3.2): Issue #16335: Fix integer overflow in unicode-escape decoder.
serhiy.storchaka
python-checkins at python.org
Mon Jan 21 10:46:21 CET 2013
http://hg.python.org/cpython/rev/7625866f8127
changeset: 81622:7625866f8127
branch: 3.2
parent: 81610:260a9afd999a
user: Serhiy Storchaka <storchaka at gmail.com>
date: Mon Jan 21 11:38:00 2013 +0200
summary:
Issue #16335: Fix integer overflow in unicode-escape decoder.
files:
Lib/test/test_ucn.py | 16 ++++++++++++++++
Objects/unicodeobject.c | 3 ++-
2 files changed, 18 insertions(+), 1 deletions(-)
diff --git a/Lib/test/test_ucn.py b/Lib/test/test_ucn.py
--- a/Lib/test/test_ucn.py
+++ b/Lib/test/test_ucn.py
@@ -8,6 +8,7 @@
"""#"
import unittest
+import _testcapi
from test import support
@@ -141,6 +142,21 @@
str, b"\\NSPACE", 'unicode-escape', 'strict'
)
+ @unittest.skipUnless(_testcapi.INT_MAX < _testcapi.PY_SSIZE_T_MAX,
+ "needs UINT_MAX < SIZE_MAX")
+ def test_issue16335(self):
+ # very very long bogus character name
+ try:
+ x = b'\\N{SPACE' + b'x' * (_testcapi.UINT_MAX + 1) + b'}'
+ except MemoryError:
+ raise unittest.SkipTest("not enough memory")
+ self.assertEqual(len(x), len(b'\\N{SPACE}') + (_testcapi.UINT_MAX + 1))
+ self.assertRaisesRegex(UnicodeError,
+ 'unknown Unicode character name',
+ x.decode, 'unicode-escape'
+ )
+
+
def test_main():
support.run_unittest(UnicodeNamesTest)
diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c
--- a/Objects/unicodeobject.c
+++ b/Objects/unicodeobject.c
@@ -3923,7 +3923,8 @@
/* found a name. look it up in the unicode database */
message = "unknown Unicode character name";
s++;
- if (ucnhash_CAPI->getcode(NULL, start, (int)(s-start-1), &chr))
+ if (s - start - 1 <= INT_MAX &&
+ ucnhash_CAPI->getcode(NULL, start, (int)(s-start-1), &chr))
goto store;
}
}
--
Repository URL: http://hg.python.org/cpython
More information about the Python-checkins
mailing list