Issue #16096: Fix several occurrences of potential signed integer overflow. Thanks Serhiy Storchaka.

2025-08-04 17:08:35 +00:00 · 2012-10-06 18:04:49 +01:00 · 2012-10-06 18:04:49 +01:00 · c04ddff290
commit c04ddff290
parent a2028733ef
7 changed files with 30 additions and 35 deletions
--- a/Modules/_randommodule.c
+++ b/Modules/_randommodule.c
@ -284,7 +284,8 @@ random_seed(RandomObject *self, PyObject *args)
        n = newn;
        if (keyused >= keymax) {
            unsigned long bigger = keymax << 1;
-            if ((bigger >> 1) != keymax) {
+            if ((bigger >> 1) != keymax ||
+                bigger > PY_SSIZE_T_MAX / sizeof(*key)) {
                PyErr_NoMemory();
                goto Done;
            }