diff options
| author | Mark Dickinson <dickinsm@gmail.com> | 2010-05-11 13:11:12 (GMT) |
|---|---|---|
| committer | Mark Dickinson <dickinsm@gmail.com> | 2010-05-11 13:11:12 (GMT) |
| commit | ee289e6cd5c009e641ee970cfc67996d8f871221 (patch) | |
| tree | 1c73e404ab58c12de76de165563d9473866fdee0 /Modules/audioop.c | |
| parent | aec0127720b72884f87329396c6a31e4a02ce7ad (diff) | |
| download | cpython-ee289e6cd5c009e641ee970cfc67996d8f871221.zip cpython-ee289e6cd5c009e641ee970cfc67996d8f871221.tar.gz cpython-ee289e6cd5c009e641ee970cfc67996d8f871221.tar.bz2 | |
Merged revisions 81081 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/branches/py3k
................
r81081 | mark.dickinson | 2010-05-11 14:09:58 +0100 (Tue, 11 May 2010) | 9 lines
Merged revisions 81079 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r81079 | mark.dickinson | 2010-05-11 14:05:30 +0100 (Tue, 11 May 2010) | 1 line
Issue #8674: fix another bogus overflow check in audioop module.
........
................
Diffstat (limited to 'Modules/audioop.c')
| -rw-r--r-- | Modules/audioop.c | 25 |
1 files changed, 8 insertions, 17 deletions
diff --git a/Modules/audioop.c b/Modules/audioop.c index 6ca7d72..07b41d4 100644 --- a/Modules/audioop.c +++ b/Modules/audioop.c @@ -1160,25 +1160,16 @@ audioop_ratecv(PyObject *self, PyObject *args) ceiling(len*outrate/inrate) output frames, and each frame requires bytes_per_frame bytes. Computing this without spurious overflow is the challenge; we can - settle for a reasonable upper bound, though. */ - int ceiling; /* the number of output frames */ - int nbytes; /* the number of output bytes needed */ - int q = len / inrate; - /* Now len = q * inrate + r exactly (with r = len % inrate), - and this is less than q * inrate + inrate = (q+1)*inrate. - So a reasonable upper bound on len*outrate/inrate is - ((q+1)*inrate)*outrate/inrate = - (q+1)*outrate. - */ - ceiling = (q+1) * outrate; - nbytes = ceiling * bytes_per_frame; - /* See whether anything overflowed; if not, get the space. */ - if (q+1 < 0 || - ceiling / outrate != q+1 || - nbytes / bytes_per_frame != ceiling) + settle for a reasonable upper bound, though, in this + case ceiling(len/inrate) * outrate. */ + + /* compute ceiling(len/inrate) without overflow */ + int q = len > 0 ? 1 + (len - 1) / inrate : 0; + if (outrate > INT_MAX / q / bytes_per_frame) str = NULL; else - str = PyBytes_FromStringAndSize(NULL, nbytes); + str = PyBytes_FromStringAndSize(NULL, + q * outrate * bytes_per_frame); if (str == NULL) { PyErr_SetString(PyExc_MemoryError, |