This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author dugan
Recipients Rhamphoryncus, akuchling, arigo, dugan, jafo, jepler, loewis
Date 2008-02-23.17:29:30
SpamBayes Score 0.03116796
Marked as misclassified No
Message-id <1203787772.01.0.932778131905.issue1174606@psf.upfronthosting.co.za>
In-reply-to
Content 
I don't see any change to the return value of new_buffersize that could
alleviate this problem - the problem being that because linux is
extremely efficient at reading bytes from /dev/zero, some other code
incosistencies are exposed.

The problem that is being hit is that the new_buffersize value is
allowed to grow without bounds and is never rechecked for sanity, then
is passed in to PyString_Resize where it is converted from unsigned int
to signed int.

I suggest adding a check of new_buffersize against PY_SSIZE_T_MAX.  If
it exceeded, we could raise an OverflowError - "unbounded read consumed
more bytes than a Python string can hold"
History
Date User Action Args
2008-02-23 17:29:32dugansetspambayes_score: 0.031168 -> 0.03116796
recipients: + dugan, loewis, akuchling, arigo, jepler, jafo, rhamphoryncus.historic
2008-02-23 17:29:32dugansetspambayes_score: 0.031168 -> 0.031168
messageid: <1203787772.01.0.932778131905.issue1174606@psf.upfronthosting.co.za>
2008-02-23 17:29:31duganlinkissue1174606 messages
2008-02-23 17:29:30dugancreate