mirrors/cpython
0
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2024-11-28 04:15:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

Trent Mick:

Browse Source 
This patches fixes a possible overflow of the optional timeout
parameter for the select() function (selectmodule.c). This timeout is
passed in as a double and then truncated to an int. If the double is
sufficiently large you can get unexpected results as it
overflows. This patch raises an overflow if the given select timeout
overflows.

[GvR: To my embarrassment, the original code was assuming an int could
always hold a million.  Note that the overflow check doesn't test for
a very large *negative* timeout passed in -- but who in the world
would do such a thing?]
This commit is contained in:
Guido van Rossum 2000-06-28 21:18:13 +00:00
parent 106f2dae86
commit 3262e16753
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Modules/selectmodule.c
View File

@ -238,7 +238,7 @@ select_select(self, args)
fd_set ifdset, ofdset, efdset;
double timeout;
struct timeval tv, *tvp;
int seconds;
long seconds;
int imax, omax, emax, max;
int n;
@ -255,10 +255,14 @@ select_select(self, args)
return NULL;
}
else {
seconds = (int)timeout;
if (timeout > (double)LONG_MAX) {
PyErr_SetString(PyExc_OverflowError, "timeout period too long");
return NULL;
}
seconds = (long)timeout;
timeout = timeout - (double)seconds;
tv.tv_sec = seconds;
tv.tv_usec = (int)(timeout*1000000.0);
tv.tv_usec = (long)(timeout*1000000.0);
tvp = &tv;
}