Skip to content

C
cpython
Commit c5fa9920 authored by Raymond Hettinger's avatar Raymond Hettinger
Browse files
Options

Armin's patch to prevent overflows.

parent f7948c25
Hide whitespace changes
Inline Side-by-side
Showing with 22 additions and 7 deletions
Modules/collectionsmodule.c
View file @ c5fa9920
...@@ -52,8 +52,21 @@ typedef struct BLOCK { ...@@ -52,8 +52,21 @@ typedef struct BLOCK {
} block; } block;
static block * static block *
newblock(block *leftlink, block *rightlink) { newblock(block *leftlink, block *rightlink, int len) {
block *b = PyMem_Malloc(sizeof(block)); block *b;
/* To prevent len from overflowing INT_MAX on 64-bit machines, we
* refuse to allocate new blocks if the current len is dangerously
* close. There is some extra margin to prevent spurious arithmetic
* overflows at various places. The following check ensures that
* the blocks allocated to the deque, in the worst case, can only
* have INT_MAX-2 entries in total.
*/
if (len >= INT_MAX - 2*BLOCKLEN) {
PyErr_SetString(PyExc_OverflowError,
"cannot add more blocks to the deque");
return NULL;
}
b = PyMem_Malloc(sizeof(block));
if (b == NULL) { if (b == NULL) {
PyErr_NoMemory(); PyErr_NoMemory();
return NULL; return NULL;
...@@ -87,7 +100,7 @@ deque_new(PyTypeObject *type, PyObject *args, PyObject *kwds) ...@@ -87,7 +100,7 @@ deque_new(PyTypeObject *type, PyObject *args, PyObject *kwds)
if (deque == NULL) if (deque == NULL)
return NULL; return NULL;
b = newblock(NULL, NULL); b = newblock(NULL, NULL, 0);
if (b == NULL) { if (b == NULL) {
Py_DECREF(deque); Py_DECREF(deque);
return NULL; return NULL;
...@@ -110,7 +123,7 @@ deque_append(dequeobject *deque, PyObject *item) ...@@ -110,7 +123,7 @@ deque_append(dequeobject *deque, PyObject *item)
{ {
deque->state++; deque->state++;
if (deque->rightindex == BLOCKLEN-1) { if (deque->rightindex == BLOCKLEN-1) {
block *b = newblock(deque->rightblock, NULL); block *b = newblock(deque->rightblock, NULL, deque->len);
if (b == NULL) if (b == NULL)
return NULL; return NULL;
assert(deque->rightblock->rightlink == NULL); assert(deque->rightblock->rightlink == NULL);
...@@ -132,7 +145,7 @@ deque_appendleft(dequeobject *deque, PyObject *item) ...@@ -132,7 +145,7 @@ deque_appendleft(dequeobject *deque, PyObject *item)
{ {
deque->state++; deque->state++;
if (deque->leftindex == 0) { if (deque->leftindex == 0) {
block *b = newblock(NULL, deque->leftblock); block *b = newblock(NULL, deque->leftblock, deque->len);
if (b == NULL) if (b == NULL)
return NULL; return NULL;
assert(deque->leftblock->leftlink == NULL); assert(deque->leftblock->leftlink == NULL);
...@@ -235,7 +248,8 @@ deque_extend(dequeobject *deque, PyObject *iterable) ...@@ -235,7 +248,8 @@ deque_extend(dequeobject *deque, PyObject *iterable)
while ((item = PyIter_Next(it)) != NULL) { while ((item = PyIter_Next(it)) != NULL) {
deque->state++; deque->state++;
if (deque->rightindex == BLOCKLEN-1) { if (deque->rightindex == BLOCKLEN-1) {
block *b = newblock(deque->rightblock, NULL); block *b = newblock(deque->rightblock, NULL,
deque->len);
if (b == NULL) { if (b == NULL) {
Py_DECREF(item); Py_DECREF(item);
Py_DECREF(it); Py_DECREF(it);
...@@ -271,7 +285,8 @@ deque_extendleft(dequeobject *deque, PyObject *iterable) ...@@ -271,7 +285,8 @@ deque_extendleft(dequeobject *deque, PyObject *iterable)
while ((item = PyIter_Next(it)) != NULL) { while ((item = PyIter_Next(it)) != NULL) {
deque->state++; deque->state++;
if (deque->leftindex == 0) { if (deque->leftindex == 0) {
block *b = newblock(NULL, deque->leftblock); block *b = newblock(NULL, deque->leftblock,
deque->len);
if (b == NULL) { if (b == NULL) {
Py_DECREF(item); Py_DECREF(item);
Py_DECREF(it); Py_DECREF(it);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7