New submission from Serhiy Storchaka: In several places such dungerous code used to check the integer overflow:
size = n * itemsize; if (size / itemsize != n) raise exception... Because these values are signed, this results in undefined behavior. The proposed patches replace similar unsafe code to safe one. Note that the patches for the different versions are substantially different. ---------- components: Extension Modules, Interpreter Core files: size_overflow-3.3.patch keywords: patch messages: 171657 nosy: mark.dickinson, storchaka priority: normal severity: normal status: open title: Get rid of dangerous integer overflow tricks type: behavior versions: Python 2.7, Python 3.2, Python 3.3, Python 3.4 Added file: http://bugs.python.org/file27360/size_overflow-3.3.patch _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue16096> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com