summaryrefslogtreecommitdiffstats
path: root/Modules
diff options
context:
space:
mode:
authorGuido van Rossum <guido@python.org>2000-06-28 21:18:13 (GMT)
committerGuido van Rossum <guido@python.org>2000-06-28 21:18:13 (GMT)
commit3262e1675335e00e0f437cce921a1b22a8a33b76 (patch)
tree3f17d745d3e62934003e15c96bc742662a856a5b /Modules
parent106f2dae868770f6b6ed2c949dd5b4deb07b880b (diff)
downloadcpython-3262e1675335e00e0f437cce921a1b22a8a33b76.zip
cpython-3262e1675335e00e0f437cce921a1b22a8a33b76.tar.gz
cpython-3262e1675335e00e0f437cce921a1b22a8a33b76.tar.bz2
Trent Mick:
This patches fixes a possible overflow of the optional timeout parameter for the select() function (selectmodule.c). This timeout is passed in as a double and then truncated to an int. If the double is sufficiently large you can get unexpected results as it overflows. This patch raises an overflow if the given select timeout overflows. [GvR: To my embarrassment, the original code was assuming an int could always hold a million. Note that the overflow check doesn't test for a very large *negative* timeout passed in -- but who in the world would do such a thing?]
Diffstat (limited to 'Modules')
-rw-r--r--Modules/selectmodule.c10
1 files changed, 7 insertions, 3 deletions
diff --git a/Modules/selectmodule.c b/Modules/selectmodule.c
index fb46fc3..21eab47 100644
--- a/Modules/selectmodule.c
+++ b/Modules/selectmodule.c
@@ -238,7 +238,7 @@ select_select(self, args)
fd_set ifdset, ofdset, efdset;
double timeout;
struct timeval tv, *tvp;
- int seconds;
+ long seconds;
int imax, omax, emax, max;
int n;
@@ -255,10 +255,14 @@ select_select(self, args)
return NULL;
}
else {
- seconds = (int)timeout;
+ if (timeout > (double)LONG_MAX) {
+ PyErr_SetString(PyExc_OverflowError, "timeout period too long");
+ return NULL;
+ }
+ seconds = (long)timeout;
timeout = timeout - (double)seconds;
tv.tv_sec = seconds;
- tv.tv_usec = (int)(timeout*1000000.0);
+ tv.tv_usec = (long)(timeout*1000000.0);
tvp = &tv;
}