traverseda
/
cpython
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

merge 3.4 (#23165)

This commit is contained in:
Benjamin Peterson 2015-01-04 16:06:14 -06:00
parent 9eb1faf39b 10ecaa2416
commit f8693416b5
2 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Misc/NEWS
View File

@ -193,6 +193,9 @@ Core and Builtins
exception. In versions prior to 3.5, '#' with 'c' had no effect. Now
specifying it is an error. Patch by Torsten Landschoff.
- Issue #23165: Perform overflow checks before allocating memory in the
_Py_char2wchar function.
Library
-------

16
Python/fileutils.c
View File

@ -220,8 +220,11 @@ decode_ascii_surrogateescape(const char *arg, size_t *size)
wchar_t *res;
unsigned char *in;
wchar_t *out;
size_t argsize = strlen(arg) + 1;
res = PyMem_RawMalloc((strlen(arg)+1)*sizeof(wchar_t));
if (argsize > PY_SSIZE_T_MAX/sizeof(wchar_t))
return NULL;
res = PyMem_RawMalloc(argsize*sizeof(wchar_t));
if (!res)
return NULL;
@ -305,10 +308,15 @@ Py_DecodeLocale(const char* arg, size_t *size)
argsize = mbstowcs(NULL, arg, 0);
#endif
if (argsize != (size_t)-1) {
res = (wchar_t *)PyMem_RawMalloc((argsize+1)*sizeof(wchar_t));
if (argsize == PY_SSIZE_T_MAX)
goto oom;
argsize += 1;
if (argsize > PY_SSIZE_T_MAX/sizeof(wchar_t))
goto oom;
res = (wchar_t *)PyMem_RawMalloc(argsize*sizeof(wchar_t));
if (!res)
goto oom;
count = mbstowcs(res, arg, argsize+1);
count = mbstowcs(res, arg, argsize);
if (count != (size_t)-1) {
wchar_t *tmp;
/* Only use the result if it contains no
@ -331,6 +339,8 @@ Py_DecodeLocale(const char* arg, size_t *size)
/* Overallocate; as multi-byte characters are in the argument, the
actual output could use less memory. */
argsize = strlen(arg) + 1;
if (argsize > PY_SSIZE_T_MAX/sizeof(wchar_t))
goto oom;
res = (wchar_t*)PyMem_RawMalloc(argsize*sizeof(wchar_t));
if (!res)
goto oom;