mirror of
https://github.com/python/cpython.git
synced 2024-11-29 04:44:13 +08:00
merge 3.2 (closes #23165)
This commit is contained in:
commit
72c2a0f60a
@ -23,6 +23,9 @@ Core and Builtins
|
||||
|
||||
- Issue #22518: Fix integer overflow issues in latin-1 encoding.
|
||||
|
||||
- Issue #23165: Perform overflow checks before allocating memory in the
|
||||
_Py_char2wchar function.
|
||||
|
||||
Library
|
||||
-------
|
||||
|
||||
|
@ -201,8 +201,11 @@ decode_ascii_surrogateescape(const char *arg, size_t *size)
|
||||
wchar_t *res;
|
||||
unsigned char *in;
|
||||
wchar_t *out;
|
||||
size_t argsize = strlen(arg) + 1;
|
||||
|
||||
res = PyMem_Malloc((strlen(arg)+1)*sizeof(wchar_t));
|
||||
if (argsize > PY_SSIZE_T_MAX/sizeof(wchar_t))
|
||||
return NULL;
|
||||
res = PyMem_Malloc(argsize*sizeof(wchar_t));
|
||||
if (!res)
|
||||
return NULL;
|
||||
|
||||
@ -284,10 +287,15 @@ _Py_char2wchar(const char* arg, size_t *size)
|
||||
argsize = mbstowcs(NULL, arg, 0);
|
||||
#endif
|
||||
if (argsize != (size_t)-1) {
|
||||
res = (wchar_t *)PyMem_Malloc((argsize+1)*sizeof(wchar_t));
|
||||
if (argsize == PY_SSIZE_T_MAX)
|
||||
goto oom;
|
||||
argsize += 1;
|
||||
if (argsize > PY_SSIZE_T_MAX/sizeof(wchar_t))
|
||||
goto oom;
|
||||
res = (wchar_t *)PyMem_Malloc(argsize*sizeof(wchar_t));
|
||||
if (!res)
|
||||
goto oom;
|
||||
count = mbstowcs(res, arg, argsize+1);
|
||||
count = mbstowcs(res, arg, argsize);
|
||||
if (count != (size_t)-1) {
|
||||
wchar_t *tmp;
|
||||
/* Only use the result if it contains no
|
||||
@ -310,6 +318,8 @@ _Py_char2wchar(const char* arg, size_t *size)
|
||||
/* Overallocate; as multi-byte characters are in the argument, the
|
||||
actual output could use less memory. */
|
||||
argsize = strlen(arg) + 1;
|
||||
if (argsize > PY_SSIZE_T_MAX/sizeof(wchar_t))
|
||||
goto oom;
|
||||
res = (wchar_t*)PyMem_Malloc(argsize*sizeof(wchar_t));
|
||||
if (!res)
|
||||
goto oom;
|
||||
|
Loading…
Reference in New Issue
Block a user