diff options
author | Guido van Rossum <guido@python.org> | 2000-06-28 21:18:13 (GMT) |
---|---|---|
committer | Guido van Rossum <guido@python.org> | 2000-06-28 21:18:13 (GMT) |
commit | 3262e1675335e00e0f437cce921a1b22a8a33b76 (patch) | |
tree | 3f17d745d3e62934003e15c96bc742662a856a5b /Modules | |
parent | 106f2dae868770f6b6ed2c949dd5b4deb07b880b (diff) | |
download | cpython-3262e1675335e00e0f437cce921a1b22a8a33b76.zip cpython-3262e1675335e00e0f437cce921a1b22a8a33b76.tar.gz cpython-3262e1675335e00e0f437cce921a1b22a8a33b76.tar.bz2 |
Trent Mick:
This patches fixes a possible overflow of the optional timeout
parameter for the select() function (selectmodule.c). This timeout is
passed in as a double and then truncated to an int. If the double is
sufficiently large you can get unexpected results as it
overflows. This patch raises an overflow if the given select timeout
overflows.
[GvR: To my embarrassment, the original code was assuming an int could
always hold a million. Note that the overflow check doesn't test for
a very large *negative* timeout passed in -- but who in the world
would do such a thing?]
Diffstat (limited to 'Modules')
-rw-r--r-- | Modules/selectmodule.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/Modules/selectmodule.c b/Modules/selectmodule.c index fb46fc3..21eab47 100644 --- a/Modules/selectmodule.c +++ b/Modules/selectmodule.c @@ -238,7 +238,7 @@ select_select(self, args) fd_set ifdset, ofdset, efdset; double timeout; struct timeval tv, *tvp; - int seconds; + long seconds; int imax, omax, emax, max; int n; @@ -255,10 +255,14 @@ select_select(self, args) return NULL; } else { - seconds = (int)timeout; + if (timeout > (double)LONG_MAX) { + PyErr_SetString(PyExc_OverflowError, "timeout period too long"); + return NULL; + } + seconds = (long)timeout; timeout = timeout - (double)seconds; tv.tv_sec = seconds; - tv.tv_usec = (int)(timeout*1000000.0); + tv.tv_usec = (long)(timeout*1000000.0); tvp = &tv; } |