Stowage/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-10-31 13:41:24 +00:00
Code Issues Projects Releases Packages Wiki Activity

add some overflow checks before multiplying (closes #23165)

Browse source
This commit is contained in:
Benjamin Peterson 2015-01-04 16:03:17 -06:00
parent 47e782a67a
commit f18bf6fd2d
2 changed files with 16 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

16
Python/fileutils.c
View file

@ -169,8 +169,11 @@ decode_ascii_surrogateescape(const char *arg, size_t *size)
wchar_t *res;
unsigned char *in;
wchar_t *out;
size_t argsize = strlen(arg) + 1;
res = PyMem_Malloc((strlen(arg)+1)*sizeof(wchar_t));
if (argsize > PY_SSIZE_T_MAX/sizeof(wchar_t))
return NULL;
res = PyMem_Malloc(argsize*sizeof(wchar_t));
if (!res)
return NULL;
@ -250,10 +253,15 @@ _Py_char2wchar(const char* arg, size_t *size)
argsize = mbstowcs(NULL, arg, 0);
#endif
if (argsize != (size_t)-1) {
res = (wchar_t *)PyMem_Malloc((argsize+1)*sizeof(wchar_t));
if (argsize == PY_SSIZE_T_MAX)
goto oom;
argsize += 1;
if (argsize > PY_SSIZE_T_MAX/sizeof(wchar_t))
goto oom;
res = (wchar_t *)PyMem_Malloc(argsize*sizeof(wchar_t));
if (!res)
goto oom;
count = mbstowcs(res, arg, argsize+1);
count = mbstowcs(res, arg, argsize);
if (count != (size_t)-1) {
wchar_t *tmp;
/* Only use the result if it contains no
@ -276,6 +284,8 @@ _Py_char2wchar(const char* arg, size_t *size)
/* Overallocate; as multi-byte characters are in the argument, the
actual output could use less memory. */
argsize = strlen(arg) + 1;
if (argsize > PY_SSIZE_T_MAX/sizeof(wchar_t))
goto oom;
res = (wchar_t*)PyMem_Malloc(argsize*sizeof(wchar_t));
if (!res)
goto oom;