From 9c08eeb30ca0e551323467b62ae40e08e30839b3 Mon Sep 17 00:00:00 2001
From: "Miss Islington (bot)"
 <31488909+miss-islington@users.noreply.github.com>
Date: Wed, 3 Apr 2019 10:55:26 -0700
Subject: bpo-36504: Fix signed integer overflow in _ctypes.c's
 PyCArrayType_new(). (GH-12660)

(cherry picked from commit 487b73ab39c80157474821ef9083f51e0846bd62)

Co-authored-by: Zackery Spytz <zspytz@gmail.com>
---
 Modules/_ctypes/_ctypes.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'Modules')

diff --git a/Modules/_ctypes/_ctypes.c b/Modules/_ctypes/_ctypes.c
index be0b321bad..153990309b 100644
--- a/Modules/_ctypes/_ctypes.c
+++ b/Modules/_ctypes/_ctypes.c
@@ -1466,7 +1466,7 @@ PyCArrayType_new(PyTypeObject *type, PyObject *args, PyObject *kwds)
     }
 
     itemsize = itemdict->size;
-    if (length * itemsize < 0) {
+    if (length > PY_SSIZE_T_MAX / itemsize) {
         PyErr_SetString(PyExc_OverflowError,
                         "array too large");
         goto error;
-- 
cgit v1.2.1