Message171657
In several places such dungerous code used to check the integer overflow:
size = n * itemsize;
if (size / itemsize != n) raise exception...
Because these values are signed, this results in undefined behavior.
The proposed patches replace similar unsafe code to safe one. Note that the patches for the different versions are substantially different. |
|
Date |
User |
Action |
Args |
2012-09-30 18:34:11 | serhiy.storchaka | set | recipients:
+ serhiy.storchaka, mark.dickinson |
2012-09-30 18:34:11 | serhiy.storchaka | set | messageid: <1349030051.26.0.323672452753.issue16096@psf.upfronthosting.co.za> |
2012-09-30 18:34:11 | serhiy.storchaka | link | issue16096 messages |
2012-09-30 18:34:10 | serhiy.storchaka | create | |
|