Mirror
/
cpython
mirror of https://github.com/python/cpython
4
1
Fork 0
Code Issues Releases Wiki Activity

Carefully check for overflow when allocating the memory for fromfile 

-- someone tried to pass in sys.maxint and got bitten by the bogus
calculations.
This commit is contained in:
Guido van Rossum 1999-02-23 18:05:22 +00:00
parent 24f8579ee4
commit 3791b0de36
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Modules/arraymodule.c
View File

@ -935,8 +935,15 @@ array_fromfile(self, args)
char *item = self->ob_item;
int itemsize = self->ob_descr->itemsize;
int nread;
PyMem_RESIZE(item, char, (self->ob_size + n) * itemsize);
int newlength;
size_t newbytes;
/* Be careful here about overflow */
if ((newlength = self->ob_size + n) <= 0 ||
(newbytes = newlength * itemsize) / itemsize != newlength)
goto nomem;
PyMem_RESIZE(item, char, newbytes);
if (item == NULL) {
nomem:
PyErr_NoMemory();
return NULL;
}