diff options
| author | Xi Ruoyao <xry111@mengyan1223.wang> | 2019-05-11 17:13:23 (GMT) |
|---|---|---|
| committer | Victor Stinner <vstinner@redhat.com> | 2019-05-11 17:13:23 (GMT) |
| commit | 6236c9823ef3e8e2229b0598d3d8189adf5e00f2 (patch) | |
| tree | 58f1ac8948e1e237b4f88b776da91b75512d4166 /Modules | |
| parent | 79972f1fad5247ade34ef98ad987162a9a78401d (diff) | |
| download | cpython-6236c9823ef3e8e2229b0598d3d8189adf5e00f2.zip cpython-6236c9823ef3e8e2229b0598d3d8189adf5e00f2.tar.gz cpython-6236c9823ef3e8e2229b0598d3d8189adf5e00f2.tar.bz2 | |
bpo-36856: Handle possible overflow in faulthandler_stack_overflow (GH-13205)
Diffstat (limited to 'Modules')
| -rw-r--r-- | Modules/faulthandler.c | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/Modules/faulthandler.c b/Modules/faulthandler.c index d45b866..63a9b91 100644 --- a/Modules/faulthandler.c +++ b/Modules/faulthandler.c @@ -1121,13 +1121,26 @@ faulthandler_stack_overflow(PyObject *self, PyObject *Py_UNUSED(ignored)) { size_t depth, size; uintptr_t sp = (uintptr_t)&depth; - uintptr_t stop; + uintptr_t stop, lower_limit, upper_limit; faulthandler_suppress_crash_report(); depth = 0; - stop = stack_overflow(sp - STACK_OVERFLOW_MAX_SIZE, - sp + STACK_OVERFLOW_MAX_SIZE, - &depth); + + if (STACK_OVERFLOW_MAX_SIZE <= sp) { + lower_limit = sp - STACK_OVERFLOW_MAX_SIZE; + } + else { + lower_limit = 0; + } + + if (UINTPTR_MAX - STACK_OVERFLOW_MAX_SIZE >= sp) { + upper_limit = sp + STACK_OVERFLOW_MAX_SIZE; + } + else { + upper_limit = UINTPTR_MAX; + } + + stop = stack_overflow(lower_limit, upper_limit, &depth); if (sp < stop) size = stop - sp; else |