New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
integer overflow in unicodedata.normalize #67556
Comments
# Bug #
# % ./python -V
# Python 3.4.1
#
# % uname -a
# Linux ubuntu 3.8.0-29-generic #42~precise1-Ubuntu SMP Wed Aug 14 15:31:16 UTC 2013 i686 i686 i386 GNU/Linux
import unicodedata as ud
s="\xa0"*(2**30)
ud.normalize("NFKC", s) |
New changeset 84025a32fa2b by Benjamin Peterson in branch '3.3': New changeset 90f960e79c9e by Benjamin Peterson in branch '3.4': New changeset 93244000efea by Benjamin Peterson in branch 'default': New changeset 3019effc44f2 by Benjamin Peterson in branch '2.7': |
Actually integer overflow in the line space = (isize > 10 ? 10 : isize) + isize; is not possible. Integer overflows in PyMem_Malloc were fixed in bpo-23446. |
Why can't (isize > 10 ? 10 : isize) + isize overflow? |
Because isize is the size of real PyUnicode object. It's maximal value is PY_SSIZE_T_MAX - sizeof(PyASCIIObject) - 1. |
Well, the test doesn't hurt. |
True, but that could change and is not true in Python 2. I suppose we
|
The test doesn't hurt. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: