Merge in release25-maint r60793: Added checks for integer overflows, contributed by Google. Some are only available if asserts are left in the code, in cases where they can't be triggered from Python code.

commit: 9d53457e599623fbad90833c3448835b42d7e7f9 [log] [tgz]
author: Gregory P. Smith <greg@mad-scientist.com> Wed Jun 11 07:41:16 2008 +0000
committer: Gregory P. Smith <greg@mad-scientist.com> Wed Jun 11 07:41:16 2008 +0000
tree: 41d37b556618eb8e831463c576d854063a33d77b
parent: 73baefd7fc86a7f8336e4142efcec74c201acf8f [diff] [blame]
diff --git a/Modules/_struct.c b/Modules/_struct.c
index e5fe211..078c3a5 100644
--- a/Modules/_struct.c
+++ b/Modules/_struct.c

@@ -1385,6 +1385,12 @@
 		}
 	}
 
+	/* check for overflow */
+	if ((len + 1) > (PY_SSIZE_T_MAX / sizeof(formatcode))) {
+		PyErr_NoMemory();
+		return -1;
+	}
+
 	self->s_size = size;
 	self->s_len = len;
 	codes = PyMem_MALLOC((len + 1) * sizeof(formatcode));
commit	9d53457e599623fbad90833c3448835b42d7e7f9	[log] [tgz]
author	Gregory P. Smith <greg@mad-scientist.com>	Wed Jun 11 07:41:16 2008 +0000
committer	Gregory P. Smith <greg@mad-scientist.com>	Wed Jun 11 07:41:16 2008 +0000
tree	41d37b556618eb8e831463c576d854063a33d77b
parent	73baefd7fc86a7f8336e4142efcec74c201acf8f [diff] [blame]