it suffices to check for PY_SSIZE_T_MAX overflow (#22643)

author Benjamin Peterson <benjamin@python.org>

Wed, 15 Oct 2014 16:17:21 +0000 (12:17 -0400)

committer Benjamin Peterson <benjamin@python.org>

Wed, 15 Oct 2014 16:17:21 +0000 (12:17 -0400)
author Benjamin Peterson <benjamin@python.org>
Wed, 15 Oct 2014 16:17:21 +0000 (12:17 -0400)
committer Benjamin Peterson <benjamin@python.org>
Wed, 15 Oct 2014 16:17:21 +0000 (12:17 -0400)
diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c

index 2a10eec5ebc127a852440078d24094e0ecd654a7..8eb2dd2dc6b65d636f406b46b6611e384350f2cf 100644 (file)
--- a/Objects/unicodeobject.c
+++ b/Objects/unicodeobject.c
@@ -9484,12 +9484,11 @@ case_operation(PyObject *self,
      kind = PyUnicode_KIND(self);
      data = PyUnicode_DATA(self);
      length = PyUnicode_GET_LENGTH(self);
-    if (length > PY_SSIZE_T_MAX / 3 ||
-        length > PY_SIZE_MAX / (3 * sizeof(Py_UCS4))) {
+    if (length > PY_SSIZE_T_MAX / (3 * sizeof(Py_UCS4))) {
          PyErr_SetString(PyExc_OverflowError, "string is too long");
          return NULL;
      }
-    tmp = PyMem_MALLOC(sizeof(Py_UCS4) * 3 * (size_t)length);
+    tmp = PyMem_MALLOC(sizeof(Py_UCS4) * 3 * length);
      if (tmp == NULL)
          return PyErr_NoMemory();
      newlength = perform(kind, data, length, tmp, &maxchar);
author	Benjamin Peterson <benjamin@python.org>
	Wed, 15 Oct 2014 16:17:21 +0000 (12:17 -0400)
committer	Benjamin Peterson <benjamin@python.org>
	Wed, 15 Oct 2014 16:17:21 +0000 (12:17 -0400)