Restrict co_code to be under INT_MAX in codeobject (GH-20628)

commit: 3b3b83c965447a8329b34cb4befe6e9908880ee5 [log] [tgz]
author: Ammar Askar <ammar@ammaraskar.com> Wed Jun 10 23:31:22 2020 +0000
committer: GitHub <noreply@github.com> Thu Jun 11 00:31:22 2020 +0100
tree: 612bf0d51451cc7fefd97c5a45549641e93a86ea
parent: 1642c0ef750f96664a98cadb09301d492098d2fb [diff] [blame]
diff --git a/Objects/codeobject.c b/Objects/codeobject.c
index 7376359..cb4fb68 100644
--- a/Objects/codeobject.c
+++ b/Objects/codeobject.c

@@ -166,6 +166,14 @@
         return NULL;
     }
 
+    /* Make sure that code is indexable with an int, this is
+       a long running assumption in ceval.c and many parts of
+       the interpreter. */
+    if (PyBytes_GET_SIZE(code) > INT_MAX) {
+        PyErr_SetString(PyExc_OverflowError, "co_code larger than INT_MAX");
+        return NULL;
+    }
+
     /* Check for any inner or outer closure references */
     n_cellvars = PyTuple_GET_SIZE(cellvars);
     if (!n_cellvars && !PyTuple_GET_SIZE(freevars)) {
commit	3b3b83c965447a8329b34cb4befe6e9908880ee5	[log] [tgz]
author	Ammar Askar <ammar@ammaraskar.com>	Wed Jun 10 23:31:22 2020 +0000
committer	GitHub <noreply@github.com>	Thu Jun 11 00:31:22 2020 +0100
tree	612bf0d51451cc7fefd97c5a45549641e93a86ea
parent	1642c0ef750f96664a98cadb09301d492098d2fb [diff] [blame]