Author vstinner
Recipients ebfe, pitrou, vstinner
Date 2008-12-26.22:32:36
SpamBayes Score 1.24001e-05
Marked as misclassified No
Message-id <1230330757.97.0.710407230501.issue4751@psf.upfronthosting.co.za>
In-reply-to
Content
If view.len is negative, EVP_hash() may read invalid memory :-/ Be 
careful of integer overflow in this block:

   Py_ssize_t offset = 0, sublen = len;
   while (sublen) {
      unsigned int process = sublen > MUNCH_SIZE ? MUNCH_SIZE : 
sublen;
      ...
   }

You removed Py_SAFE_DOWNCAST(len, Py_ssize_t, unsigned int) which 
should be used (eg. on process?).

Note: you might modify len directly instead of using a second variable 
(sublen), and cp instead of using an offset.
History
Date User Action Args
2008-12-26 22:32:38vstinnersetrecipients: + vstinner, pitrou, ebfe
2008-12-26 22:32:37vstinnersetmessageid: <1230330757.97.0.710407230501.issue4751@psf.upfronthosting.co.za>
2008-12-26 22:32:37vstinnerlinkissue4751 messages
2008-12-26 22:32:36vstinnercreate