Message 104149 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	alex
Recipients	alex
Date	2010-04-25.18:05:09
SpamBayes Score	2.5236466e-05
Marked as misclassified	No
Message-id	<1272218711.28.0.946765845832.issue8530@psf.upfronthosting.co.za>
In-reply-to

Content
In Objects/stringlib/fastsearch.h the lines: if (!STRINGLIB_BLOOM(mask, s[i-1])) and if (!STRINGLIB_BLOOM(mask, s[i-1])) can read beyond the front of the array that is passed to it when the loop enters with i = 0. I originally noticed this when porting the algorithm to PyPy (which has bounds checking :)), all tests pass if I simple add `if i-1 >= 0` before the conditional. This doesn't appear to actually cause the algorithm to ever break, but it is unsafe.

In Objects/stringlib/fastsearch.h the lines:

                if (!STRINGLIB_BLOOM(mask, s[i-1]))

and

                if (!STRINGLIB_BLOOM(mask, s[i-1]))

can read beyond the front of the array that is passed to it when the loop enters with i = 0.

I originally noticed this when porting the algorithm to PyPy (which has bounds checking :)), all tests pass if I simple add `if i-1 >= 0` before the conditional.  This doesn't appear to actually cause the algorithm to ever break, but it is unsafe.

History
Date	User	Action	Args
2010-04-25 18:05:11	alex	set	recipients: + alex
2010-04-25 18:05:11	alex	set	messageid: <1272218711.28.0.946765845832.issue8530@psf.upfronthosting.co.za>
2010-04-25 18:05:09	alex	link	issue8530 messages
2010-04-25 18:05:09	alex	create