From 1e211ff10dbab6da8fc7170bd09cd6fdaeec9dde Mon Sep 17 00:00:00 2001 From: Benjamin Peterson Date: Wed, 15 Oct 2014 12:17:21 -0400 Subject: [PATCH] it suffices to check for PY_SSIZE_T_MAX overflow (#22643) --- Objects/unicodeobject.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c index 2a10eec5ebc..8eb2dd2dc6b 100644 --- a/Objects/unicodeobject.c +++ b/Objects/unicodeobject.c @@ -9484,12 +9484,11 @@ case_operation(PyObject *self, kind = PyUnicode_KIND(self); data = PyUnicode_DATA(self); length = PyUnicode_GET_LENGTH(self); - if (length > PY_SSIZE_T_MAX / 3 || - length > PY_SIZE_MAX / (3 * sizeof(Py_UCS4))) { + if (length > PY_SSIZE_T_MAX / (3 * sizeof(Py_UCS4))) { PyErr_SetString(PyExc_OverflowError, "string is too long"); return NULL; } - tmp = PyMem_MALLOC(sizeof(Py_UCS4) * 3 * (size_t)length); + tmp = PyMem_MALLOC(sizeof(Py_UCS4) * 3 * length); if (tmp == NULL) return PyErr_NoMemory(); newlength = perform(kind, data, length, tmp, &maxchar);