Message204090
Christian: I don't think this code is safe:
- nd0 = nd = s - s1;
+ tmp = s - s1;
+ nd0 = nd = Py_SAFE_DOWNCAST(tmp, Py_SSIZE_T, int);
The result of the Py_SAFE_DOWNCAST could be almost anything, and in particular could be negative. It would take a careful examination of the code to guarantee that a negative nd or nd0 won't lead to difficulties further down the algorithm. I think we need to raise an error if tmp is too large, *before* the downcast. |
|
Date |
User |
Action |
Args |
2013-11-23 20:08:24 | mark.dickinson | set | recipients:
+ mark.dickinson, vstinner, eric.smith, christian.heimes, jkloth, zach.ware |
2013-11-23 20:08:24 | mark.dickinson | set | messageid: <1385237304.01.0.383466952555.issue19638@psf.upfronthosting.co.za> |
2013-11-23 20:08:24 | mark.dickinson | link | issue19638 messages |
2013-11-23 20:08:23 | mark.dickinson | create | |
|