[Python-checkins] bpo-34395: Don't free allocated memory on realloc fail in load_mark() in _pickle.c. (GH-8788)
Serhiy Storchaka
webhook-mailer at python.org
Sat Aug 25 06:42:02 EDT 2018
https://github.com/python/cpython/commit/90555eca44a19c743d39b7fd2e05f7bc37fb5cb8
commit: 90555eca44a19c743d39b7fd2e05f7bc37fb5cb8
branch: master
author: Sergey Fedoseev <fedoseev.sergey at gmail.com>
committer: Serhiy Storchaka <storchaka at gmail.com>
date: 2018-08-25T13:41:58+03:00
summary:
bpo-34395: Don't free allocated memory on realloc fail in load_mark() in _pickle.c. (GH-8788)
files:
M Modules/_pickle.c
diff --git a/Modules/_pickle.c b/Modules/_pickle.c
index 39628fcef5d5..2de70f5d9405 100644
--- a/Modules/_pickle.c
+++ b/Modules/_pickle.c
@@ -6289,24 +6289,14 @@ load_mark(UnpicklerObject *self)
*/
if (self->num_marks >= self->marks_size) {
- size_t alloc;
-
- /* Use the size_t type to check for overflow. */
- alloc = ((size_t)self->num_marks << 1) + 20;
- if (alloc > (PY_SSIZE_T_MAX / sizeof(Py_ssize_t)) ||
- alloc <= ((size_t)self->num_marks + 1)) {
- PyErr_NoMemory();
- return -1;
- }
-
- Py_ssize_t *marks_old = self->marks;
- PyMem_RESIZE(self->marks, Py_ssize_t, alloc);
- if (self->marks == NULL) {
- PyMem_FREE(marks_old);
- self->marks_size = 0;
+ size_t alloc = ((size_t)self->num_marks << 1) + 20;
+ Py_ssize_t *marks_new = self->marks;
+ PyMem_RESIZE(marks_new, Py_ssize_t, alloc);
+ if (marks_new == NULL) {
PyErr_NoMemory();
return -1;
}
+ self->marks = marks_new;
self->marks_size = (Py_ssize_t)alloc;
}
More information about the Python-checkins
mailing list