[Python-checkins] cpython (3.3): check for overflows in permutations() and product() (closes #23363, closes
benjamin.peterson
python-checkins at python.org
Mon Feb 2 03:39:20 CET 2015
https://hg.python.org/cpython/rev/7133582b6769
changeset: 94456:7133582b6769
branch: 3.3
parent: 94452:93d445cd5f70
user: Benjamin Peterson <benjamin at python.org>
date: Sun Feb 01 21:34:07 2015 -0500
summary:
check for overflows in permutations() and product() (closes #23363, closes #23364)
files:
Lib/test/test_itertools.py | 12 ++++++++++++
Misc/NEWS | 4 ++++
Modules/itertoolsmodule.c | 18 ++++++++++++++++--
3 files changed, 32 insertions(+), 2 deletions(-)
diff --git a/Lib/test/test_itertools.py b/Lib/test/test_itertools.py
--- a/Lib/test/test_itertools.py
+++ b/Lib/test/test_itertools.py
@@ -418,6 +418,13 @@
self.pickletest(permutations(values, r)) # test pickling
+ @support.bigaddrspacetest
+ def test_permutations_overflow(self):
+ with self.assertRaises(OverflowError):
+ permutations("A", 2**30)
+ with self.assertRaises(OverflowError):
+ permutations("A", 2, 2**30)
+
@support.impl_detail("tuple resuse is CPython specific")
def test_permutations_tuple_reuse(self):
self.assertEqual(len(set(map(id, permutations('abcde', 3)))), 1)
@@ -930,6 +937,11 @@
args = map(iter, args)
self.assertEqual(len(list(product(*args))), expected_len)
+ @support.bigaddrspacetest
+ def test_product_overflow(self):
+ with self.assertRaises(OverflowError):
+ product(["a"]*(2**16), repeat=2**16)
+
@support.impl_detail("tuple reuse is specific to CPython")
def test_product_tuple_reuse(self):
self.assertEqual(len(set(map(id, product('abc', 'def')))), 1)
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -16,6 +16,10 @@
Library
-------
+- Issue #23363: Fix possible overflow in itertools.permutations.
+
+- Issue #23364: Fix possible overflow in itertools.product.
+
- Issue #23369: Fixed possible integer overflow in
_json.encode_basestring_ascii.
diff --git a/Modules/itertoolsmodule.c b/Modules/itertoolsmodule.c
--- a/Modules/itertoolsmodule.c
+++ b/Modules/itertoolsmodule.c
@@ -1998,8 +1998,17 @@
}
}
- assert(PyTuple_Check(args));
- nargs = (repeat == 0) ? 0 : PyTuple_GET_SIZE(args);
+ assert(PyTuple_CheckExact(args));
+ if (repeat == 0) {
+ nargs = 0;
+ } else {
+ nargs = PyTuple_GET_SIZE(args);
+ if (repeat > PY_SSIZE_T_MAX/sizeof(Py_ssize_t) ||
+ nargs > PY_SSIZE_T_MAX/(repeat * sizeof(Py_ssize_t))) {
+ PyErr_SetString(PyExc_OverflowError, "repeat argument too large");
+ return NULL;
+ }
+ }
npools = nargs * repeat;
indices = PyMem_Malloc(npools * sizeof(Py_ssize_t));
@@ -2992,6 +3001,11 @@
goto error;
}
+ if (n > PY_SSIZE_T_MAX/sizeof(Py_ssize_t) ||
+ r > PY_SSIZE_T_MAX/sizeof(Py_ssize_t)) {
+ PyErr_SetString(PyExc_OverflowError, "parameters too large");
+ goto error;
+ }
indices = PyMem_Malloc(n * sizeof(Py_ssize_t));
cycles = PyMem_Malloc(r * sizeof(Py_ssize_t));
if (indices == NULL || cycles == NULL) {
--
Repository URL: https://hg.python.org/cpython
More information about the Python-checkins
mailing list