Issue #22335: Fix crash when trying to enlarge a bytearray to 0x7fffffff bytes on a 32-bit platform.
diff --git a/Objects/obmalloc.c b/Objects/obmalloc.c
index 004cfaa..3c33255 100644
--- a/Objects/obmalloc.c
+++ b/Objects/obmalloc.c
@@ -1754,8 +1754,8 @@
bumpserialno();
total = nbytes + 4*SST;
- if (total < nbytes)
- /* overflow: can't represent total as a size_t */
+ if (nbytes > PY_SSIZE_T_MAX - 4*SST)
+ /* overflow: can't represent total as a Py_ssize_t */
return NULL;
p = (uchar *)api->alloc.malloc(api->alloc.ctx, total);
@@ -1817,8 +1817,8 @@
bumpserialno();
original_nbytes = read_size_t(q - 2*SST);
total = nbytes + 4*SST;
- if (total < nbytes)
- /* overflow: can't represent total as a size_t */
+ if (nbytes > PY_SSIZE_T_MAX - 4*SST)
+ /* overflow: can't represent total as a Py_ssize_t */
return NULL;
/* Resize and add decorations. We may get a new pointer here, in which