From 451385d8f8e8bedd347d363fd0e01288226daee2 Mon Sep 17 00:00:00 2001 From: Victor Stinner Date: Mon, 21 Mar 2011 03:22:50 +0100 Subject: Issue #8651: PyArg_Parse*() functions raise an OverflowError if the file doesn't have PY_SSIZE_T_CLEAN define and the size doesn't fit in an int (length bigger than 2^31-1 bytes). --- Lib/test/test_xml_etree_c.py | 18 ++++++++++++++++++ Misc/NEWS | 4 ++++ Python/getargs.c | 12 +++++++++++- 3 files changed, 33 insertions(+), 1 deletion(-) diff --git a/Lib/test/test_xml_etree_c.py b/Lib/test/test_xml_etree_c.py index 71973ed..c48276a 100644 --- a/Lib/test/test_xml_etree_c.py +++ b/Lib/test/test_xml_etree_c.py @@ -4,6 +4,8 @@ import doctest import sys from test import support +from test.support import precisionbigmemtest, _2G +import unittest ET = support.import_module('xml.etree.cElementTree') @@ -212,9 +214,25 @@ def bug_1534630(): '' """ +class MiscTests(unittest.TestCase): + # Issue #8651. + @support.precisionbigmemtest(size=support._2G + 100, memuse=1) + def test_length_overflow(self, size): + if size < support._2G + 100: + self.skipTest("not enough free memory, need at least 2 GB") + data = b'x' * size + parser = ET.XMLParser() + try: + self.assertRaises(OverflowError, parser.feed, data) + finally: + data = None + + def test_main(): from test import test_xml_etree_c support.run_doctest(test_xml_etree_c, verbosity=True) + support.run_unittest(MiscTests) + if __name__ == '__main__': test_main() diff --git a/Misc/NEWS b/Misc/NEWS index 461afd7..fca77ef 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -10,6 +10,10 @@ What's New in Python 3.1.4? Core and Builtins ----------------- +- Issue #8651: PyArg_Parse*() functions raise an OverflowError if the file + doesn't have PY_SSIZE_T_CLEAN define and the size doesn't fit in an int + (length bigger than 2^31-1 bytes). + - Issue #11450: Don't truncate hg version info in Py_GetBuildInfo() when there are many tags (e.g. when using mq). Patch by Nadeem Vawda. diff --git a/Python/getargs.c b/Python/getargs.c index 686eac5..0009b35 100644 --- a/Python/getargs.c +++ b/Python/getargs.c @@ -613,7 +613,17 @@ convertsimple(PyObject *arg, const char **p_format, va_list *p_va, int flags, #define FETCH_SIZE int *q=NULL;Py_ssize_t *q2=NULL;\ if (flags & FLAG_SIZE_T) q2=va_arg(*p_va, Py_ssize_t*); \ else q=va_arg(*p_va, int*); -#define STORE_SIZE(s) if (flags & FLAG_SIZE_T) *q2=s; else *q=s; +#define STORE_SIZE(s) \ + if (flags & FLAG_SIZE_T) \ + *q2=s; \ + else { \ + if (INT_MAX < s) { \ + PyErr_SetString(PyExc_OverflowError, \ + "size does not fit in an int"); \ + return converterr("", arg, msgbuf, bufsize); \ + } \ + *q=s; \ + } #define BUFFER_LEN ((flags & FLAG_SIZE_T) ? *q2:*q) const char *format = *p_format; -- cgit v0.12