mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-07-24 03:35:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

bpo-36946: Fix possible signed integer overflow when handling slices. (GH-13375)

Browse source 
The final addition (cur += step) may overflow, so use size_t for "cur".
"cur" is always positive (even for negative steps), so it is safe to use
size_t here.

Co-Authored-By: Martin Panter <vadmium+py@gmail.com>
This commit is contained in:
Zackery Spytz 2019-05-17 01:13:03 -06:00 committed by Serhiy Storchaka
parent 870b035bc6
commit 14514d9084
15 changed files with 45 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

3
Objects/bytearrayobject.c
View file

@ -410,7 +410,8 @@ bytearray_subscript(PyByteArrayObject *self, PyObject *index)
return PyLong_FromLong((unsigned char)(PyByteArray_AS_STRING(self)[i]));
}
else if (PySlice_Check(index)) {
Py_ssize_t start, stop, step, slicelength, cur, i;
Py_ssize_t start, stop, step, slicelength, i;
size_t cur;
if (PySlice_Unpack(index, &start, &stop, &step) < 0) {
return NULL;
}