From 3b3b83c965447a8329b34cb4befe6e9908880ee5 Mon Sep 17 00:00:00 2001
From: Ammar Askar <ammar@ammaraskar.com>
Date: Wed, 10 Jun 2020 23:31:22 +0000
Subject: Restrict co_code to be under INT_MAX in codeobject (GH-20628)

---
 Objects/codeobject.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'Objects/codeobject.c')

diff --git a/Objects/codeobject.c b/Objects/codeobject.c
index 737635943a..cb4fb68124 100644
--- a/Objects/codeobject.c
+++ b/Objects/codeobject.c
@@ -166,6 +166,14 @@ PyCode_NewWithPosOnlyArgs(int argcount, int posonlyargcount, int kwonlyargcount,
         return NULL;
     }
 
+    /* Make sure that code is indexable with an int, this is
+       a long running assumption in ceval.c and many parts of
+       the interpreter. */
+    if (PyBytes_GET_SIZE(code) > INT_MAX) {
+        PyErr_SetString(PyExc_OverflowError, "co_code larger than INT_MAX");
+        return NULL;
+    }
+
     /* Check for any inner or outer closure references */
     n_cellvars = PyTuple_GET_SIZE(cellvars);
     if (!n_cellvars && !PyTuple_GET_SIZE(freevars)) {
-- 
cgit v1.2.1