From 27701ea6d05319c634182880325e6ae0d3f977d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20v=2E=20L=C3=B6wis?= <martin@v.loewis.de>
Date: Thu, 14 Feb 2008 11:26:18 +0000
Subject: Added checks for integer overflows, contributed by Google. Some are
 only available if asserts are left in the code, in cases where they can't be
 triggered from Python code.

---
 Modules/_struct.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'Modules/_struct.c')

diff --git a/Modules/_struct.c b/Modules/_struct.c
index 53c64848b1..41183fa26b 100644
--- a/Modules/_struct.c
+++ b/Modules/_struct.c
@@ -1336,6 +1336,12 @@ prepare_s(PyStructObject *self)
 		}
 	}
 
+	/* check for overflow */
+	if ((len + 1) > (PY_SSIZE_T_MAX / sizeof(formatcode))) {
+		PyErr_NoMemory();
+		return -1;
+	}
+
 	self->s_size = size;
 	self->s_len = len;
 	codes = PyMem_MALLOC((len + 1) * sizeof(formatcode));
-- 
cgit v1.2.1