[New-bugs-announce] [issue36946] Possible signed integer overflow in slice handling
Zackery Spytz
report at bugs.python.org
Fri May 17 01:48:44 EDT 2019
New submission from Zackery Spytz <zspytz at gmail.com>:
Python 3.8.0a4+ (heads/master:870b035bc6, May 16 2019, 20:53:02)
[GCC 9.0.1 20190402 (experimental) [trunk revision 270074]] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import sys
>>> 'hi'[1::sys.maxsize]
Objects/unicodeobject.c:14038:55: runtime error: signed integer overflow: 1 + 9223372036854775807 cannot be represented in type 'long int'
'i'
>>>
This is because unicode_subscript() performs an extra addition (cur += step) at the end of the for loop (which can overflow). The result of that final addition is not actually used.
A patch to fix this issue was posted on #1621, but it seems that the patch has been abandoned. The bug is also described in detail in that issue. I have tweaked the patch and will open a PR.
----------
components: Extension Modules, Interpreter Core
messages: 342689
nosy: ZackerySpytz, martin.panter
priority: normal
severity: normal
status: open
title: Possible signed integer overflow in slice handling
type: behavior
versions: Python 3.7, Python 3.8
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue36946>
_______________________________________
More information about the New-bugs-announce
mailing list