Added checks for integer overflows, contributed by Google. Some are only available if asserts are left in the code, in cases where they can't be triggered from Python code.

commit: 73c01d410117a573731e6c2afc9694005f8d11aa [log] [tgz]
author: Martin v. Löwis <martin@v.loewis.de> Thu Feb 14 11:26:18 2008 +0000
committer: Martin v. Löwis <martin@v.loewis.de> Thu Feb 14 11:26:18 2008 +0000
tree: c0cb9e868b2cb57d9ebd5685d0054b551a33e889
parent: abcb59a1d87c6121db913ce56c9f91fd43f33916 [diff] [blame]
diff --git a/Modules/datetimemodule.c b/Modules/datetimemodule.c
index a67c35d..34112c0 100644
--- a/Modules/datetimemodule.c
+++ b/Modules/datetimemodule.c

@@ -1113,6 +1113,8 @@
 	char sign;
 	int none;
 
+	assert(buflen >= 1);
+
 	offset = call_utcoffset(tzinfo, tzinfoarg, &none);
 	if (offset == -1 && PyErr_Occurred())
 		return -1;
@@ -1190,6 +1192,11 @@
 	 * a new format.  Since computing the replacements for those codes
 	 * is expensive, don't unless they're actually used.
 	 */
+	if (PyString_Size(format) > INT_MAX - 1) {
+		PyErr_NoMemory();
+		goto Done;
+	}
+
 	totalnew = PyString_Size(format) + 1;	/* realistic if no %z/%Z */
 	newfmt = PyString_FromStringAndSize(NULL, totalnew);
 	if (newfmt == NULL) goto Done;
commit	73c01d410117a573731e6c2afc9694005f8d11aa	[log] [tgz]
author	Martin v. Löwis <martin@v.loewis.de>	Thu Feb 14 11:26:18 2008 +0000
committer	Martin v. Löwis <martin@v.loewis.de>	Thu Feb 14 11:26:18 2008 +0000
tree	c0cb9e868b2cb57d9ebd5685d0054b551a33e889
parent	abcb59a1d87c6121db913ce56c9f91fd43f33916 [diff] [blame]