[Python-checkins] cpython (2.7): Issue #18427: str.replace could crash the interpreter with huge strings.
ronald.oussoren
python-checkins at python.org
Thu Jul 11 13:35:29 CEST 2013
http://hg.python.org/cpython/rev/2921f6c2009e
changeset: 84540:2921f6c2009e
branch: 2.7
parent: 84534:c5f5b5e89a94
user: Ronald Oussoren <ronaldoussoren at mac.com>
date: Thu Jul 11 13:33:55 2013 +0200
summary:
Issue #18427: str.replace could crash the interpreter with huge strings.
This fixes two places where 'int' was used to represent
the size of strings, instead of 'Py_ssize_t'.
(The issue is not present in the corresponding code in the 3.x branches)
Fixes #18427
files:
Misc/NEWS | 4 +++-
Objects/stringobject.c | 6 +++---
2 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -24,6 +24,8 @@
Library
-------
+- Issue #18427: str.replace could crash the interpreter with huge strings.
+
- Issue #18347: ElementTree's html serializer now preserves the case of
closing tags.
@@ -88,7 +90,7 @@
- Issue #7136: In the Idle File menu, "New Window" is renamed "New File".
Patch by Tal Einat, Roget Serwy, and Todd Rovito.
-
+
- Issue #8515: Set __file__ when run file in IDLE.
Initial patch by Bruce Frederiksen.
diff --git a/Objects/stringobject.c b/Objects/stringobject.c
--- a/Objects/stringobject.c
+++ b/Objects/stringobject.c
@@ -882,9 +882,9 @@
size -= chunk_size;
}
#ifdef __VMS
- if (size) fwrite(data, (int)size, 1, fp);
+ if (size) fwrite(data, (size_t)size, 1, fp);
#else
- fwrite(data, 1, (int)size, fp);
+ fwrite(data, 1, (size_t)size, fp);
#endif
Py_END_ALLOW_THREADS
return 0;
@@ -2332,7 +2332,7 @@
}
Py_LOCAL_INLINE(Py_ssize_t)
-countchar(const char *target, int target_len, char c, Py_ssize_t maxcount)
+countchar(const char *target, Py_ssize_t target_len, char c, Py_ssize_t maxcount)
{
Py_ssize_t count=0;
const char *start=target;
--
Repository URL: http://hg.python.org/cpython
More information about the Python-checkins
mailing list