Author: Armin Rigo <[email protected]>
Branch:
Changeset: r65966:163681440d6c
Date: 2013-08-06 12:54 +0200
http://bitbucket.org/pypy/pypy/changeset/163681440d6c/
Log: Carefully prevent overflows from passing silently
diff --git a/rpython/rlib/rmarshal.py b/rpython/rlib/rmarshal.py
--- a/rpython/rlib/rmarshal.py
+++ b/rpython/rlib/rmarshal.py
@@ -6,7 +6,7 @@
from rpython.annotator.signature import annotation
from rpython.annotator.listdef import ListDef, TooLateForChange
from rpython.tool.pairtype import pair, pairtype
-from rpython.rlib.rarithmetic import r_longlong, intmask, LONG_BIT
+from rpython.rlib.rarithmetic import r_longlong, intmask, LONG_BIT, ovfcheck
from rpython.rlib.rfloat import formatd, rstring_to_float
from rpython.rlib.unroll import unrolling_iterable
from rpython.rlib.rstring import assert_str0
@@ -289,7 +289,10 @@
if count < 0:
raise ValueError("negative count")
pos = loader.pos
- end = pos + count
+ try:
+ end = ovfcheck(pos + count)
+ except OverflowError:
+ raise ValueError("cannot decode count: value too big")
while end > len(loader.buf):
loader.need_more_data()
loader.pos = end
_______________________________________________
pypy-commit mailing list
[email protected]
http://mail.python.org/mailman/listinfo/pypy-commit
