-rw-r--r--Misc/NEWS3
-rw-r--r--Objects/bytearrayobject.c12
2 files changed, 14 insertions, 1 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 902164d..621f7e5 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -10,6 +10,9 @@ What's New in Python 3.6.0 alpha 4
Core and Builtins
-----------------
+- Issue #27507: Add integer overflow check in bytearray.extend(). Patch by
+ Xiang Zhang.
+
- Issue #27419: Standard __import__() no longer look up "__import__" in globals
or builtins for importing submodules or "from import". Fixed a crash if
raise a warning about unabling to resolve package from __spec__ or
diff --git a/Objects/bytearrayobject.c b/Objects/bytearrayobject.c
index 4990b3e..f8c21d4 100644
--- a/Objects/bytearrayobject.c
+++ b/Objects/bytearrayobject.c
@@ -1642,7 +1642,17 @@ bytearray_extend(PyByteArrayObject *self, PyObject *iterable_of_ints)
Py_DECREF(item);
if (len >= buf_size) {
- buf_size = len + (len >> 1) + 1;
+ Py_ssize_t addition;
+ if (len == PY_SSIZE_T_MAX) {
+ Py_DECREF(it);
+ Py_DECREF(bytearray_obj);
+ return PyErr_NoMemory();
+ }
+ addition = len >> 1;
+ if (addition > PY_SSIZE_T_MAX - len - 1)
+ buf_size = PY_SSIZE_T_MAX;
+ else
+ buf_size = len + addition + 1;
if (PyByteArray_Resize((PyObject *)bytearray_obj, buf_size) < 0) {
Py_DECREF(it);
Py_DECREF(bytearray_obj);
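Review bot: The clamp branch `buf_size = PY_SSIZE_T_MAX;` hands the largest possible Py_ssize_t to PyByteArray_Resize, so this path is only overflow-safe if that function does not wrap when it adds anything to the requested size. That code is not in this hunk, so it should be confirmed that a request of exactly PY_SSIZE_T_MAX is rejected or handled cleanly. The guard itself looks sound, because `len == PY_SSIZE_T_MAX` is rejected first and `PY_SSIZE_T_MAX - len - 1` therefore cannot go negative. That ordering is easy to break in a later edit, so a comment above the block would help, for example `/* Grow by ~50%; len < PY_SSIZE_T_MAX here, so the subtraction below cannot underflow. */`. bytearray_extend starts and ends outside the hunk.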