[Python-checkins] cpython (merge 3.2 -> 3.3): Issue #16335: Fix integer overflow in unicode-escape decoder.
serhiy.storchaka
python-checkins at python.org
Mon Jan 21 10:46:22 CET 2013
http://hg.python.org/cpython/rev/494d341e9143
changeset: 81623:494d341e9143
branch: 3.3
parent: 81619:6df456f8fc6d
parent: 81622:7625866f8127
user: Serhiy Storchaka <storchaka at gmail.com>
date: Mon Jan 21 11:42:57 2013 +0200
summary:
Issue #16335: Fix integer overflow in unicode-escape decoder.
files:
Lib/test/test_ucn.py | 16 ++++++++++++++++
Objects/unicodeobject.c | 3 ++-
2 files changed, 18 insertions(+), 1 deletions(-)
diff --git a/Lib/test/test_ucn.py b/Lib/test/test_ucn.py
--- a/Lib/test/test_ucn.py
+++ b/Lib/test/test_ucn.py
@@ -9,6 +9,7 @@
import unittest
import unicodedata
+import _testcapi
from test import support
from http.client import HTTPException
@@ -215,6 +216,21 @@
str, b"\\NSPACE", 'unicode-escape', 'strict'
)
+ @unittest.skipUnless(_testcapi.INT_MAX < _testcapi.PY_SSIZE_T_MAX,
+ "needs UINT_MAX < SIZE_MAX")
+ def test_issue16335(self):
+ # very very long bogus character name
+ try:
+ x = b'\\N{SPACE' + b'x' * (_testcapi.UINT_MAX + 1) + b'}'
+ except MemoryError:
+ raise unittest.SkipTest("not enough memory")
+ self.assertEqual(len(x), len(b'\\N{SPACE}') + (_testcapi.UINT_MAX + 1))
+ self.assertRaisesRegex(UnicodeError,
+ 'unknown Unicode character name',
+ x.decode, 'unicode-escape'
+ )
+
+
def test_main():
support.run_unittest(UnicodeNamesTest)
diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c
--- a/Objects/unicodeobject.c
+++ b/Objects/unicodeobject.c
@@ -5696,7 +5696,8 @@
/* found a name. look it up in the unicode database */
message = "unknown Unicode character name";
s++;
- if (ucnhash_CAPI->getcode(NULL, start, (int)(s-start-1),
+ if (s - start - 1 <= INT_MAX &&
+ ucnhash_CAPI->getcode(NULL, start, (int)(s-start-1),
&chr, 0))
goto store;
}
--
Repository URL: http://hg.python.org/cpython
More information about the Python-checkins
mailing list