__Pyx_decode_c_string: check for overflow when calling strlen.

Fixes http://trac.cython.org/ticket/864. --HG-- extra : amend_source : d2a97da4f942d555723b9bfa488985c5e5c27721

__Pyx_decode_c_string: check for overflow when calling strlen.
Fixes http://trac.cython.org/ticket/864. --HG-- extra : amend_source : d2a97da4f942d555723b9bfa488985c5e5c27721
71902f2b · Nikolaus Rath · Stefan Behnel · 3489c221 · 71902f2b
Commit 71902f2b authored Sep 12, 2015 by Nikolaus Rath Committed by Stefan Behnel Sep 13, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 2 deletions

Cython/Utility/StringTools.c Cython/Utility/StringTools.c +11 -2

No files found.
--- a/Cython/Utility/StringTools.c
+++ b/Cython/Utility/StringTools.c
@@ -395,14 +395,23 @@ static CYTHON_INLINE PyObject* __Pyx_decode_c_string(
 //@requires: IncludeStringH

 /* duplicate code to avoid calling strlen() if start >= 0 and stop >= 0 */
-
+/* Casting to Py_ssize_t and checking for negative values to determine
+ * if overflow occured should be safe in practice (it's undefined
+ * behavior by C99, but common behavior for systems with
+ * two-complement representation).
+ */
 static CYTHON_INLINE PyObject* __Pyx_decode_c_string(
         const char* cstring, Py_ssize_t start, Py_ssize_t stop,
         const char* encoding, const char* errors,
         PyObject* (*decode_func)(const char *s, Py_ssize_t size, const char *errors)) {
    Py_ssize_t length;
    if (unlikely((start < 0) | (stop < 0))) {
-        length = strlen(cstring);
+        length = (Py_ssize_t) strlen(cstring);
+        if(length < 0) {
+            PyErr_SetString(PyExc_OverflowError,
+                            "c-string too long to convert to Python");
+            return NULL;
+        }
        if (start < 0) {
            start += length;
            if (start < 0)