Issue #14716: Change integer overflow check in unicode_writer_prepare()

to compute the limit at compile time instead of runtime. Patch writen by Serhiy Storchaka.
author: Victor Stinner <victor.stinner@gmail.com> 2012-05-07 13:02:44 +0200
committer: Victor Stinner <victor.stinner@gmail.com> 2012-05-07 13:02:44 +0200
commit: 0576f9b4cf7e4b373eff1e610d6c63682a0ce089 (patch)
tree: 11397888b29ab247c6d098be38df047bd48d2d4a /Objects/unicodeobject.c
parent: 202fdca133ce8f5b0c37cca1353070e0721c688d (diff)
download: cpython-git-0576f9b4cf7e4b373eff1e610d6c63682a0ce089.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c
index 0722312373..4bbaa35891 100644
--- a/Objects/unicodeobject.c
+++ b/Objects/unicodeobject.c
@@ -13242,8 +13242,10 @@ unicode_writer_prepare(unicode_writer_t *writer,
     newlen = writer->pos + length;
 
     if (newlen > PyUnicode_GET_LENGTH(writer->buffer)) {
-        /* overallocate 25% to limit the number of resize */
-        if (newlen <= (PY_SSIZE_T_MAX - newlen / 4))
+        /* Overallocate 25% to limit the number of resize.
+           Check for integer overflow:
+           (newlen + newlen / 4) <= PY_SSIZE_T_MAX */
+        if (newlen <= (PY_SSIZE_T_MAX - PY_SSIZE_T_MAX / 5))
             newlen += newlen / 4;
 
         if (maxchar > writer->maxchar) {
author	Victor Stinner <victor.stinner@gmail.com>	2012-05-07 13:02:44 +0200
committer	Victor Stinner <victor.stinner@gmail.com>	2012-05-07 13:02:44 +0200
commit	0576f9b4cf7e4b373eff1e610d6c63682a0ce089 (patch)
tree	11397888b29ab247c6d098be38df047bd48d2d4a /Objects/unicodeobject.c
parent	202fdca133ce8f5b0c37cca1353070e0721c688d (diff)
download	cpython-git-0576f9b4cf7e4b373eff1e610d6c63682a0ce089.tar.gz