Message 265953 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	python-dev, serhiy.storchaka, vstinner
Date	2016-05-20.19:19:20
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<CAMpsgwb__qHtFq4wpZk_Dme=a-23h_ZuEFCys7t5MHDy3f1ziA@mail.gmail.com>
In-reply-to	<1463753269.69.0.834606005526.issue27056@psf.upfronthosting.co.za>

Content
Serhiy Storchaka: > I think that integer overflow in _Unpickler_Read() is possible. n is read from file and can be arbitrary (up to PY_SSIZE_T_MAX). This likely cause raising an exception later, but integer overflow itself causes undefined behavior, and we should avoid it. Hum, I understood that it's ok since numbers should be signed, but in fact I'm not confident that n is always signed. You are right, it's better to use your code to avoid the integer overflow. I pushed a fix.

Serhiy Storchaka:
> I think that integer overflow in _Unpickler_Read() is possible. n is read from file and can be arbitrary (up to PY_SSIZE_T_MAX). This likely cause raising an exception later, but integer overflow itself causes undefined behavior, and we should avoid it.

Hum, I understood that it's ok since numbers should be signed, but in
fact I'm not confident that n is always signed. You are right, it's
better to use your code to avoid the integer overflow. I pushed a fix.

History
Date	User	Action	Args
2016-05-20 19:19:20	vstinner	set	recipients: + vstinner, python-dev, serhiy.storchaka
2016-05-20 19:19:20	vstinner	link	issue27056 messages
2016-05-20 19:19:20	vstinner	create