diff options
| author | Martin Panter <vadmium+py@gmail.com> | 2016-07-19 03:05:42 (GMT) |
|---|---|---|
| committer | Martin Panter <vadmium+py@gmail.com> | 2016-07-19 03:05:42 (GMT) |
| commit | 6fb90905e2c5e42e19484046757fd098df2c6fcf (patch) | |
| tree | f33b17ac72f2e4d1f337ef636859cfe20c1377ed | |
| parent | e3d747496edf492c10e329512e1bab573843daf1 (diff) | |
| download | cpython-6fb90905e2c5e42e19484046757fd098df2c6fcf.zip cpython-6fb90905e2c5e42e19484046757fd098df2c6fcf.tar.gz cpython-6fb90905e2c5e42e19484046757fd098df2c6fcf.tar.bz2 | |
Issue #1621: Avoid signed int negation overflow in audioop
| -rw-r--r-- | Misc/NEWS | 2 | ||||
| -rw-r--r-- | Modules/audioop.c | 4 |
2 files changed, 5 insertions, 1 deletions
@@ -26,6 +26,8 @@ Core and Builtins Library ------- +- Issue #1621: Avoid signed int negation overflow in the "audioop" module. + - Issue #27533: Release GIL in nt._isdir - Issue #17711: Fixed unpickling by the persistent ID with protocol 0. diff --git a/Modules/audioop.c b/Modules/audioop.c index 8ca64c6..ed1eca3 100644 --- a/Modules/audioop.c +++ b/Modules/audioop.c @@ -446,7 +446,9 @@ audioop_max_impl(PyObject *module, Py_buffer *fragment, int width) return NULL; for (i = 0; i < fragment->len; i += width) { int val = GETRAWSAMPLE(width, fragment->buf, i); - if (val < 0) absval = (-val); + /* Cast to unsigned before negating. Unsigned overflow is well- + defined, but signed overflow is not. */ + if (val < 0) absval = -(unsigned int)val; else absval = val; if (absval > max) max = absval; } |