Merge in release25-maint r60793: Added checks for integer overflows, contributed by Google. Some are only available if asserts are left in the code, in cases where they can't be triggered from Python code.

commit: 9d53457e599623fbad90833c3448835b42d7e7f9 [log] [tgz]
author: Gregory P. Smith <greg@mad-scientist.com> Wed Jun 11 07:41:16 2008 +0000
committer: Gregory P. Smith <greg@mad-scientist.com> Wed Jun 11 07:41:16 2008 +0000
tree: 41d37b556618eb8e831463c576d854063a33d77b
parent: 73baefd7fc86a7f8336e4142efcec74c201acf8f [diff] [blame]
diff --git a/Modules/datetimemodule.c b/Modules/datetimemodule.c
index 3443b42..fcbd2e9 100644
--- a/Modules/datetimemodule.c
+++ b/Modules/datetimemodule.c

@@ -1115,6 +1115,8 @@
 	char sign;
 	int none;
 
+	assert(buflen >= 1);
+
 	offset = call_utcoffset(tzinfo, tzinfoarg, &none);
 	if (offset == -1 && PyErr_Occurred())
 		return -1;
@@ -1206,6 +1208,11 @@
 	 * a new format.  Since computing the replacements for those codes
 	 * is expensive, don't unless they're actually used.
 	 */
+	if (format_len > INT_MAX - 1) {
+		PyErr_NoMemory();
+		goto Done;
+	}
+
 	totalnew = format_len + 1;	/* realistic if no %z/%Z/%f */
 	newfmt = PyString_FromStringAndSize(NULL, totalnew);
 	if (newfmt == NULL) goto Done;
commit	9d53457e599623fbad90833c3448835b42d7e7f9	[log] [tgz]
author	Gregory P. Smith <greg@mad-scientist.com>	Wed Jun 11 07:41:16 2008 +0000
committer	Gregory P. Smith <greg@mad-scientist.com>	Wed Jun 11 07:41:16 2008 +0000
tree	41d37b556618eb8e831463c576d854063a33d77b
parent	73baefd7fc86a7f8336e4142efcec74c201acf8f [diff] [blame]