From 10c9937b2381f6f5fa6464d95e1612369e8787b8 Mon Sep 17 00:00:00 2001
From: Hirokazu Yamamoto <ocean-city@m2.ccsnet.ne.jp>
Date: Sat, 28 Feb 2009 12:21:53 +0000
Subject: [PATCH] Merged revisions 70056 via svnmerge from
 svn+ssh://pythondev@svn.python.org/python/trunk

........
  r70056 | hirokazu.yamamoto | 2009-02-28 21:13:07 +0900 | 2 lines

  Issue #1733986: Fixed mmap crash in accessing elements of second map object
  with same tagname but larger size than first map. (Windows)
........
---
 Lib/test/test_mmap.py | 28 ++++++++++++++++++++++++++++
 Misc/NEWS             |  3 +++
 Modules/mmapmodule.c  |  2 +-
 3 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/Lib/test/test_mmap.py b/Lib/test/test_mmap.py
index 59b2374ac26..73982270f07 100644
--- a/Lib/test/test_mmap.py
+++ b/Lib/test/test_mmap.py
@@ -504,6 +504,34 @@ class MmapTests(unittest.TestCase):
         m.seek(8)
         self.assertRaises(ValueError, m.write, b"bar")
 
+    if os.name == 'nt':
+        def test_tagname(self):
+            data1 = b"0123456789"
+            data2 = b"abcdefghij"
+            assert len(data1) == len(data2)
+            # Test same tag
+            m1 = mmap.mmap(-1, len(data1), tagname="foo")
+            m1[:] = data1
+            m2 = mmap.mmap(-1, len(data2), tagname="foo")
+            m2[:] = data2
+            self.assertEquals(m1[:], data2)
+            self.assertEquals(m2[:], data2)
+            # Test differnt tag
+            m1 = mmap.mmap(-1, len(data1), tagname="foo")
+            m1[:] = data1
+            m2 = mmap.mmap(-1, len(data2), tagname="boo")
+            m2[:] = data2
+            self.assertEquals(m1[:], data1)
+            self.assertEquals(m2[:], data2)
+
+        def test_tagname_crash(self):
+            # Should not crash (Issue 1733986)
+            m = mmap.mmap(-1, 1000, tagname="foo")
+            try:
+                mmap.mmap(-1, 5000, tagname="foo")[:] # same tagname, but larger size
+            except:
+                pass
+
 
 def test_main():
     run_unittest(MmapTests)
diff --git a/Misc/NEWS b/Misc/NEWS
index ff271b98236..7f5a99b1622 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -173,6 +173,9 @@ Core and Builtins
 Library
 -------
 
+- Issue #1733986: Fixed mmap crash in accessing elements of second map object
+  with same tagname but larger size than first map. (Windows)
+
 - Issue #5386: mmap.write_byte didn't check map size, so it could cause buffer
   overrun.
 
diff --git a/Modules/mmapmodule.c b/Modules/mmapmodule.c
index db944066034..d214b62cc4f 100644
--- a/Modules/mmapmodule.c
+++ b/Modules/mmapmodule.c
@@ -1297,7 +1297,7 @@ new_mmap_object(PyTypeObject *type, PyObject *args, PyObject *kwdict)
 						     dwDesiredAccess,
 						     off_hi,
 						     off_lo,
-						     0);
+						     m_obj->size);
 		if (m_obj->data != NULL)
 			return (PyObject *)m_obj;
 		else