[3.7] bpo-34922: Fix integer overflow in the digest() and hexdigest() methods (GH-9751) (GH-9798) for the SHAKE algorithm in the hashlib module. (cherry picked from commit 9b8c2e767643256202bb11456ba8665593b9a500)

commit: 8b040e55395b37bdb8fd4ec85a270cfc9ec95307 [log] [tgz]
author: Serhiy Storchaka <storchaka@gmail.com> Thu Oct 11 08:06:36 2018 +0300
committer: GitHub <noreply@github.com> Thu Oct 11 08:06:36 2018 +0300
tree: 6c43d257c0037b3e69aa78d31db4268f9a36864b
parent: 57038bcb24407abbbb46e6d278d0ab4b6ad25bbf [diff] [blame]
diff --git a/Modules/_sha3/sha3module.c b/Modules/_sha3/sha3module.c
index d879e92..9b07cf0 100644
--- a/Modules/_sha3/sha3module.c
+++ b/Modules/_sha3/sha3module.c

@@ -594,7 +594,10 @@
     if (digestlen == (unsigned long) -1 && PyErr_Occurred()) {
         return NULL;
     }
-
+    if (digestlen >= (1 << 29)) {
+        PyErr_SetString(PyExc_ValueError, "length is too large");
+        return NULL;
+    }
     /* ExtractLane needs at least SHA3_MAX_DIGESTSIZE + SHA3_LANESIZE and
      * SHA3_LANESIZE extra space.
      */
commit	8b040e55395b37bdb8fd4ec85a270cfc9ec95307	[log] [tgz]
author	Serhiy Storchaka <storchaka@gmail.com>	Thu Oct 11 08:06:36 2018 +0300
committer	GitHub <noreply@github.com>	Thu Oct 11 08:06:36 2018 +0300
tree	6c43d257c0037b3e69aa78d31db4268f9a36864b
parent	57038bcb24407abbbb46e6d278d0ab4b6ad25bbf [diff] [blame]