bpo-36946: Fix possible signed integer overflow when handling slices. (GH-13375)

The final addition (cur += step) may overflow, so use size_t for "cur". "cur" is always positive (even for negative steps), so it is safe to use size_t here. Co-Authored-By: Martin Panter <vadmium+py@gmail.com>
2025-08-04 00:48:58 +00:00 · 2019-05-17 01:13:03 -06:00 · 2019-05-17 01:13:03 -06:00 · 14514d9084
commit 14514d9084
parent 870b035bc6
15 changed files with 45 additions and 19 deletions
--- a/Lib/test/test_bytes.py
+++ b/Lib/test/test_bytes.py
@ -285,7 +285,7 @@ class BaseBytesTest:
        # Test extended slicing by comparing with list slicing.
        L = list(range(255))
        b = self.type2test(L)
-        indices = (0, None, 1, 3, 19, 100, -1, -2, -31, -100)
+        indices = (0, None, 1, 3, 19, 100, sys.maxsize, -1, -2, -31, -100)
        for start in indices:
            for stop in indices:
                # Skip step 0 (invalid)
@ -1242,7 +1242,8 @@ class ByteArrayTest(BaseBytesTest, unittest.TestCase):
        self.assertLessEqual(sys.getsizeof(b), size)

    def test_extended_set_del_slice(self):
-        indices = (0, None, 1, 3, 19, 300, 1<<333, -1, -2, -31, -300)
+        indices = (0, None, 1, 3, 19, 300, 1<<333, sys.maxsize,
+            -1, -2, -31, -300)
        for start in indices:
            for stop in indices:
                # Skip invalid step 0