search

python / cpython

The Python programming language
https://www.python.org/
Other
60.05k stars 29.08k forks source link

fix arraymodule for overflow checking #32429

Closed bdaf8532-ded6-4d4c-9bb3-51fd76040dc1 closed 23 years ago

bdaf8532-ded6-4d4c-9bb3-51fd76040dc1 commented 23 years ago
BPO 400506
Nosy @freddrake
Files
  • None: None
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields: ```python assignee = 'https://github.com/freddrake' closed_at = created_at = labels = [] title = 'fix arraymodule for overflow checking' updated_at = user = 'https://bugs.python.org/tmick' ``` bugs.python.org fields: ```python activity = actor = 'tmick' assignee = 'fdrake' closed = True closed_date = None closer = None components = ['None'] creation = creator = 'tmick' dependencies = [] files = ['2437'] hgrepos = [] issue_num = 400506 keywords = ['patch'] message_count = 3.0 messages = ['32689', '32690', '32691'] nosy_count = 2.0 nosy_names = ['fdrake', 'tmick'] pr_nums = [] priority = 'normal' resolution = None stage = None status = 'closed' superseder = None type = None url = 'https://bugs.python.org/issue400506' versions = [] ```

    bdaf8532-ded6-4d4c-9bb3-51fd76040dc1 commented 23 years ago
    bdaf8532-ded6-4d4c-9bb3-51fd76040dc1 commented 23 years ago

    I confirm that, to the best of my knowledge and belief, this contribution is free of any claims of third parties under copyright, patent or other rights or interests ("claims"). To the extent that I have any such claims, I hereby grant to CNRI a nonexclusive, irrevocable, royalty-free, worldwide license to reproduce, distribute, perform and/or display publicly, prepare derivative versions, and otherwise use this contribution as part of the Python software and its related documentation, or any derivative versions thereof, at no cost to CNRI or its licensed users, and to authorize others to do so.

    I acknowledge that CNRI may, at its sole discretion, decide whether or not to incorporate this contribution in the Python software and its related documentation. I further grant CNRI permission to use my name and other identifying information provided to CNRI by me for use in connection with the Python software and its related documentation.

    bdaf8532-ded6-4d4c-9bb3-51fd76040dc1 commented 23 years ago

    The cause: Relatively recent (last month) patches to getargs.c added overflow checking to the PyArg_Parse*() integral formatters thereby restricting 'b' to unsigned char value and 'h','i', and 'l' to signed integral values (i.e. if the incoming value is outside of the specified bounds you get an OverflowError, previous it silently overflowed).

    The problem: This broke the array module (as Fredrik pointed out) because *its formatters relied on the loose allowance of signed and unsigned ranges being able to pass through PyArg_Parse()'s formatters.

    The fix: This patch fixes the array module to work with the more strict bounds checking now in PyArg_Parse*().

    How: If the type signature of a formatter in the arraymodule exactly matches one in PyArg_Parse(), then use that directly. If there is no equivalent type signature in PyArg_Parse() (e.g. there is no unsigned int formatter in PyArg_Parse*()), then use the next one up and do some extra bounds checking in the array module.

    Testing: test_array.py was also extended to check that one can set the full range of values for each of the integral signed and unsigned array types.