Merged revisions 81079 via svnmerge from

svn+ssh://pythondev@svn.python.org/python/trunk

........
  r81079 | mark.dickinson | 2010-05-11 14:05:30 +0100 (Tue, 11 May 2010) | 1 line

  Issue #8674: fix another bogus overflow check in audioop module.
........
This commit is contained in:
Mark Dickinson 2010-05-11 13:09:58 +00:00
parent 8c2b6f1f5a
commit 393b97a7b6
1 changed files with 8 additions and 17 deletions

View File

@ -1160,25 +1160,16 @@ audioop_ratecv(PyObject *self, PyObject *args)
ceiling(len*outrate/inrate) output frames, and each frame
requires bytes_per_frame bytes. Computing this
without spurious overflow is the challenge; we can
settle for a reasonable upper bound, though. */
int ceiling; /* the number of output frames */
int nbytes; /* the number of output bytes needed */
int q = len / inrate;
/* Now len = q * inrate + r exactly (with r = len % inrate),
and this is less than q * inrate + inrate = (q+1)*inrate.
So a reasonable upper bound on len*outrate/inrate is
((q+1)*inrate)*outrate/inrate =
(q+1)*outrate.
*/
ceiling = (q+1) * outrate;
nbytes = ceiling * bytes_per_frame;
/* See whether anything overflowed; if not, get the space. */
if (q+1 < 0 ||
ceiling / outrate != q+1 ||
nbytes / bytes_per_frame != ceiling)
settle for a reasonable upper bound, though, in this
case ceiling(len/inrate) * outrate. */
/* compute ceiling(len/inrate) without overflow */
int q = len > 0 ? 1 + (len - 1) / inrate : 0;
if (outrate > INT_MAX / q / bytes_per_frame)
str = NULL;
else
str = PyBytes_FromStringAndSize(NULL, nbytes);
str = PyBytes_FromStringAndSize(NULL,
q * outrate * bytes_per_frame);
if (str == NULL) {
PyErr_SetString(PyExc_MemoryError,