| commit | c04ddff290fc203d05b75c8569b748525fb76b5b | [log] [tgz] |
|---|---|---|
| author | Mark Dickinson <mdickinson@enthought.com> | Sat Oct 06 18:04:49 2012 +0100 |
| committer | Mark Dickinson <mdickinson@enthought.com> | Sat Oct 06 18:04:49 2012 +0100 |
| tree | 184849e76ebe965016c2737939f9eaa0dfb900ee | |
| parent | a2028733ef072740921017e544d29d191fdb2c9c [diff] [blame] |
Issue #16096: Fix several occurrences of potential signed integer overflow. Thanks Serhiy Storchaka.
diff --git a/Modules/_randommodule.c b/Modules/_randommodule.c index 421a0d8..6540ab9 100644 --- a/Modules/_randommodule.c +++ b/Modules/_randommodule.c
@@ -284,7 +284,8 @@ n = newn; if (keyused >= keymax) { unsigned long bigger = keymax << 1; - if ((bigger >> 1) != keymax) { + if ((bigger >> 1) != keymax || + bigger > PY_SSIZE_T_MAX / sizeof(*key)) { PyErr_NoMemory(); goto Done; }