upstream/mercurial-mirror Commit - r34032:e97be042

encoding: check overflow while calculating size of JSON escape buffer...

Yuya Nishihara -

r34032:e97be042 default

parent child

mercurial/cext/charencode.c

0 +11 -1

              				return -1;
              			}
              			esclen += jsonparanoidlentable[(unsigned char)c];
+             			if (esclen < 0) {
+             				PyErr_SetString(PyExc_MemoryError,
+             						"overflow in jsonescapelen");
+             				return -1;
+             			}
              		}
              	} else {
              		for (i = 0; i < len; i++) {
              			char c = buf[i];
              			esclen += jsonlentable[(unsigned char)c];
+             			if (esclen < 0) {
+             				PyErr_SetString(PyExc_MemoryError,
+             						"overflow in jsonescapelen");
+             				return -1;
+             			}
              		}
              	}
              	origlen = PyBytes_GET_SIZE(origstr);
              	esclen = jsonescapelen(origbuf, origlen, paranoid);
              	if (esclen < 0)
-             		return NULL;  /* unsupported char found */
+             		return NULL;  /* unsupported char found or overflow */
              	if (origlen == esclen) {
              		Py_INCREF(origstr);
              		return origstr;

General Comments 0

You need to be logged in to leave comments. Login now

No TODOs yet

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages