Trent Mick:

Various small fixes to the builtin module to ensure no buffer
overflows.

- chunk #1:
Proper casting to ensure no truncation, and hence no surprises, in the
comparison.

- chunk #2:
The id() function guarantees a unique return value for different
objects.  It does this by returning the pointer to the object. By
returning a PyInt, on Win64 (sizeof(long) < sizeof(void*)) the pointer
is truncated and the guarantee may be proven false. The appropriate
return function is PyLong_FromVoidPtr, this returns a PyLong if that
is necessary to return the pointer without truncation.

[GvR: note that this means that id() can now return a long on Win32
platforms.  This *might* break some code...]

- chunk #3:
Ensure no overflow in raw_input(). Granted the user would have to pass
in >2GB of data but it *is* a possible buffer overflow condition.

0 files changed, 0 insertions, 0 deletions