diff options
author | Alexey Izbyshev <izbyshev@ispras.ru> | 2018-10-28 16:45:50 (GMT) |
---|---|---|
committer | Victor Stinner <vstinner@redhat.com> | 2018-10-28 16:45:50 (GMT) |
commit | 3d4fabb2a424cb04ae446ebe4428090c386f45a5 (patch) | |
tree | 31ba780345d92c1d73db0fcfe04995a360c3a0f2 /Modules/_bz2module.c | |
parent | 68d6dc0770288075504635a8e42696070823fd69 (diff) | |
download | cpython-3d4fabb2a424cb04ae446ebe4428090c386f45a5.zip cpython-3d4fabb2a424cb04ae446ebe4428090c386f45a5.tar.gz cpython-3d4fabb2a424cb04ae446ebe4428090c386f45a5.tar.bz2 |
bpo-35090: Fix potential division by zero in allocator wrappers (GH-10174)
* Fix potential division by zero in BZ2_Malloc()
* Avoid division by zero in PyLzma_Malloc()
* Avoid division by zero and integer overflow in PyZlib_Malloc()
Reported by Svace static analyzer.
Diffstat (limited to 'Modules/_bz2module.c')
-rw-r--r-- | Modules/_bz2module.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/Modules/_bz2module.c b/Modules/_bz2module.c index 3890b60..f0d9588 100644 --- a/Modules/_bz2module.c +++ b/Modules/_bz2module.c @@ -277,11 +277,11 @@ BZ2_Malloc(void* ctx, int items, int size) { if (items < 0 || size < 0) return NULL; - if ((size_t)items > (size_t)PY_SSIZE_T_MAX / (size_t)size) + if (size != 0 && (size_t)items > (size_t)PY_SSIZE_T_MAX / (size_t)size) return NULL; /* PyMem_Malloc() cannot be used: compress() and decompress() release the GIL */ - return PyMem_RawMalloc(items * size); + return PyMem_RawMalloc((size_t)items * (size_t)size); } static void |