Merge in release25-maint r60793: Added checks for integer overflows, contributed by Google. Some are only available if asserts are left in the code, in cases where they can't be triggered from Python code.

commit: 9d53457e599623fbad90833c3448835b42d7e7f9 [log] [tgz]
author: Gregory P. Smith <greg@mad-scientist.com> Wed Jun 11 07:41:16 2008 +0000
committer: Gregory P. Smith <greg@mad-scientist.com> Wed Jun 11 07:41:16 2008 +0000
tree: 41d37b556618eb8e831463c576d854063a33d77b
parent: 73baefd7fc86a7f8336e4142efcec74c201acf8f [diff]
diff --git a/Parser/node.c b/Parser/node.c
index d133a0d..f4c86cb 100644
--- a/Parser/node.c
+++ b/Parser/node.c

@@ -91,6 +91,9 @@
 	if (current_capacity < 0 || required_capacity < 0)
 		return E_OVERFLOW;
 	if (current_capacity < required_capacity) {
+		if (required_capacity > PY_SIZE_MAX / sizeof(node)) {
+			return E_NOMEM;
+		}
 		n = n1->n_child;
 		n = (node *) PyObject_REALLOC(n,
 					      required_capacity * sizeof(node));
commit	9d53457e599623fbad90833c3448835b42d7e7f9	[log] [tgz]
author	Gregory P. Smith <greg@mad-scientist.com>	Wed Jun 11 07:41:16 2008 +0000
committer	Gregory P. Smith <greg@mad-scientist.com>	Wed Jun 11 07:41:16 2008 +0000
tree	41d37b556618eb8e831463c576d854063a33d77b
parent	73baefd7fc86a7f8336e4142efcec74c201acf8f [diff]