[Python-checkins] cpython (2.7): Issue #27581: Don’t rely on overflow wrapping in PySequence_Tuple()
martin.panter
python-checkins at python.org
Sun Jul 24 23:44:26 EDT 2016
https://hg.python.org/cpython/rev/55b6e51b878b
changeset: 102449:55b6e51b878b
branch: 2.7
parent: 102425:2192edcfea02
user: Martin Panter <vadmium+py at gmail.com>
date: Mon Jul 25 02:30:05 2016 +0000
summary:
Issue #27581: Don’t rely on overflow wrapping in PySequence_Tuple()
Patch by Xiang Zhang.
files:
Misc/NEWS | 3 +++
Objects/abstract.c | 9 +++++----
2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -16,6 +16,9 @@
- Issue #27507: Add integer overflow check in bytearray.extend(). Patch by
Xiang Zhang.
+- Issue #27581: Don't rely on wrapping for overflow check in
+ PySequence_Tuple(). Patch by Xiang Zhang.
+
- Issue #23908: os functions, open() and the io.FileIO constructor now reject
unicode paths with embedded null character on Windows instead of silently
truncating them.
diff --git a/Objects/abstract.c b/Objects/abstract.c
--- a/Objects/abstract.c
+++ b/Objects/abstract.c
@@ -2211,21 +2211,22 @@
break;
}
if (j >= n) {
- Py_ssize_t oldn = n;
+ size_t newn = (size_t)n;
/* The over-allocation strategy can grow a bit faster
than for lists because unlike lists the
over-allocation isn't permanent -- we reclaim
the excess before the end of this routine.
So, grow by ten and then add 25%.
*/
- n += 10;
- n += n >> 2;
- if (n < oldn) {
+ newn += 10u;
+ newn += newn >> 2;
+ if (newn > PY_SSIZE_T_MAX) {
/* Check for overflow */
PyErr_NoMemory();
Py_DECREF(item);
goto Fail;
}
+ n = (Py_ssize_t)newn;
if (_PyTuple_Resize(&result, n) != 0) {
Py_DECREF(item);
goto Fail;
--
Repository URL: https://hg.python.org/cpython
More information about the Python-checkins
mailing list