From 9c74b14fe9b6dddc9d41dd37f431f174350004d4 Mon Sep 17 00:00:00 2001
From: Amaury Forgeot d'Arc <amauryfa@gmail.com>
Date: Wed, 18 Jun 2008 00:47:36 +0000
Subject: Merged revisions 64114 via svnmerge from
 svn+ssh://pythondev@svn.python.org/python/trunk

........
  r64114 | gregory.p.smith | 2008-06-11 09:41:16 +0200 (mer., 11 juin 2008) | 6 lines

  Merge in release25-maint r60793:

   Added checks for integer overflows, contributed by Google. Some are
   only available if asserts are left in the code, in cases where they
   can't be triggered from Python code.
........
---
 Python/ast.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'Python/ast.c')

diff --git a/Python/ast.c b/Python/ast.c
index da42a0e758..79c9403443 100644
--- a/Python/ast.c
+++ b/Python/ast.c
@@ -3145,6 +3145,9 @@ decode_unicode(struct compiling *c, const char *s, size_t len, int rawmode, cons
         buf = (char *)s;
         u = NULL;
     } else {
+        /* check for integer overflow */
+        if (len > PY_SIZE_MAX / 4)
+            return NULL;
         /* "\XX" may become "\u005c\uHHLL" (12 bytes) */
         u = PyBytes_FromStringAndSize((char *)NULL, len * 4);
         if (u == NULL)
-- 
cgit v1.2.1