Skip to content

Restrict co_code to be under INT_MAX in codeobject #20628

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 10, 2020
Merged

Restrict co_code to be under INT_MAX in codeobject #20628

merged 1 commit into from
Jun 10, 2020

Conversation

ammaraskar
Copy link
Member

Based on @vstinner's advice from #20590 (comment)

This assumption already exists in the interpreter: https://github.com/python/cpython/blob/master/Python/ceval.c#L1328

I checked PyBytes_GET_SIZE(x) directly instead of PyBytes_GET_SIZE(x)/sizeof(_Py_CODEUNIT) just like ceval, since presumably the smallest size of 1 for _Py_CODEUNIT would still allow co_code to be fully indexable with an int.

@ammaraskar ammaraskar requested a review from vstinner June 4, 2020 19:50
vstinner
vstinner reviewed Jun 4, 2020
View reviewed changes
@vstinner vstinner mentioned this pull request Jun 4, 2020
Merged
@pablogsal pablogsal merged commit 3b3b83c into python:master Jun 10, 2020
@vstinner
Copy link
Member

Thanks for the fix :-)

arun-mani-j pushed a commit to arun-mani-j/cpython that referenced this pull request Jul 21, 2020
@ammaraskar @arun-mani-j
Restrict co_code to be under INT_MAX in codeobject (pythonGH-20628)
60353a4
@serhiy-storchaka
Copy link
Member

serhiy-storchaka commented Mar 16, 2021
edited by bedevere-bot
Loading

It needs to be backported to 3.9. See bpo-43499.

@serhiy-storchaka serhiy-storchaka added the needs backport to 3.9 only security fixes label Mar 16, 2021
@miss-islington
Copy link
Contributor

Thanks @ammaraskar for the PR, and @pablogsal for merging it 🌮🎉.. I'm working now to backport this PR to: 3.9.
🐍🍒⛏🤖

@miss-islington
Copy link
Contributor

Sorry, @ammaraskar and @pablogsal, I could not cleanly backport this to 3.9 due to a conflict.
Please backport using cherry_picker on command line.
cherry_picker 3b3b83c965447a8329b34cb4befe6e9908880ee5 3.9

ammaraskar added a commit to ammaraskar/cpython that referenced this pull request Mar 16, 2021
@ammaraskar
Restrict co_code to be under INT_MAX in codeobject (pythonGH-20628)
6792673 
(cherry picked from commit 3b3b83c)
@ammaraskar ammaraskar mentioned this pull request Mar 16, 2021
Merged
@bedevere-bot
Copy link

GH-24896 is a backport of this pull request to the 3.9 branch.

@bedevere-bot bedevere-bot removed the needs backport to 3.9 only security fixes label Mar 16, 2021
serhiy-storchaka pushed a commit that referenced this pull request Mar 17, 2021
@ammaraskar
[3.9] bpo-43499: Restrict co_code to be under INT_MAX in codeobject (G…
db73376 
…H-20628) (GH-24896)

(cherry picked from commit 3b3b83c)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vstinner vstinner vstinner left review comments

@pablogsal pablogsal pablogsal approved these changes

Assignees

@pablogsal pablogsal

Labels
skip issue skip news
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@ammaraskar @vstinner @serhiy-storchaka @miss-islington @bedevere-bot @pablogsal @the-knights-who-say-ni