diff options
| author |   Mark Dickinson <mdickinson@enthought.com> | 2012-10-06 18:04:49 +0100 |
|---|---|---|
| committer | Mark Dickinson <mdickinson@enthought.com> | 2012-10-06 18:04:49 +0100 |
| commit | c04ddff290fc203d05b75c8569b748525fb76b5b (patch) | |
| tree | 184849e76ebe965016c2737939f9eaa0dfb900ee /Modules/_randommodule.c | |
| parent | revert accidental inclusion of subprocess tests (diff) | |
| download | cpython-c04ddff290fc203d05b75c8569b748525fb76b5b.tar.gz cpython-c04ddff290fc203d05b75c8569b748525fb76b5b.tar.bz2 cpython-c04ddff290fc203d05b75c8569b748525fb76b5b.zip | |
Issue #16096: Fix several occurrences of potential signed integer overflow. Thanks Serhiy Storchaka.
Diffstat (limited to 'Modules/_randommodule.c')
| -rw-r--r-- | Modules/_randommodule.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/Modules/_randommodule.c b/Modules/_randommodule.c index 421a0d8ed9e..6540ab9d4c9 100644 --- a/Modules/_randommodule.c +++ b/Modules/_randommodule.c @@ -284,7 +284,8 @@ random_seed(RandomObject *self, PyObject *args) n = newn; if (keyused >= keymax) { unsigned long bigger = keymax << 1; - if ((bigger >> 1) != keymax) { + if ((bigger >> 1) != keymax || + bigger > PY_SSIZE_T_MAX / sizeof(*key)) { PyErr_NoMemory(); goto Done; } |