Commits

Anonymous committed 0b5211d

Issue #8650: Make zlib.[de]compressobj().[de]compress() 64-bit clean.

Raise an OverflowError if the input data is too large, instead of silently
truncating the input and returning an incorrect result.

Comments (0)

Files changed (3)

Lib/test/test_zlib.py

         decompress = lambda s: d.decompress(s) + d.flush()
         self.check_big_decompress_buffer(size, decompress)
 
+    @precisionbigmemtest(size=_4G + 100, memuse=1)
+    def test_length_overflow(self, size):
+        if size < _4G + 100:
+            self.skipTest("not enough free memory, need at least 4 GB")
+        data = b'x' * size
+        try:
+            self.assertRaises(OverflowError, zlib.compress, data, 1)
+            self.assertRaises(OverflowError, zlib.decompress, data)
+        finally:
+            data = None
+
 
 def genblock(seed, length, step=1024, generator=random):
     """length-byte stream of random data from a seed (in step-byte blocks)."""
 Library
 -------
 
+- Issue #8650: Make zlib module 64-bit clean. compress(), decompress() and
+  their incremental counterparts now raise OverflowError if given an input
+  larger than 4GB, instead of silently truncating the input and returning
+  an incorrect result.
+
 - Issue #12050: zlib.decompressobj().decompress() now clears the unconsumed_tail
   attribute when called without a max_length argument.
 

Modules/zlibmodule.c

 static PyObject *
 PyZlib_objcompress(compobject *self, PyObject *args)
 {
-    int err, inplen;
+    int err;
+    unsigned int inplen;
     Py_ssize_t length = DEFAULTALLOC;
-    PyObject *RetVal;
+    PyObject *RetVal = NULL;
     Py_buffer pinput;
     Byte *input;
     unsigned long start_total_out;
 
     if (!PyArg_ParseTuple(args, "y*:compress", &pinput))
         return NULL;
+    if (pinput.len > UINT_MAX) {
+        PyErr_SetString(PyExc_OverflowError,
+                        "Size does not fit in an unsigned int");
+        goto error_outer;
+    }
     input = pinput.buf;
     inplen = pinput.len;
 
-    if (!(RetVal = PyBytes_FromStringAndSize(NULL, length))) {
-        PyBuffer_Release(&pinput);
-        return NULL;
-    }
+    if (!(RetVal = PyBytes_FromStringAndSize(NULL, length)))
+        goto error_outer;
 
     ENTER_ZLIB(self);
 
 
  error:
     LEAVE_ZLIB(self);
+ error_outer:
     PyBuffer_Release(&pinput);
     return RetVal;
 }
 static PyObject *
 PyZlib_objdecompress(compobject *self, PyObject *args)
 {
-    int err, inplen, max_length = 0;
+    int err, max_length = 0;
+    unsigned int inplen;
     Py_ssize_t old_length, length = DEFAULTALLOC;
-    PyObject *RetVal;
+    PyObject *RetVal = NULL;
     Py_buffer pinput;
     Byte *input;
     unsigned long start_total_out;
     if (!PyArg_ParseTuple(args, "y*|i:decompress", &pinput,
                           &max_length))
         return NULL;
+    if (pinput.len > UINT_MAX) {
+        PyErr_SetString(PyExc_OverflowError,
+                        "Size does not fit in an unsigned int");
+        goto error_outer;
+    }
     input = pinput.buf;
     inplen = pinput.len;
     if (max_length < 0) {
-        PyBuffer_Release(&pinput);
         PyErr_SetString(PyExc_ValueError,
                         "max_length must be greater than zero");
-        return NULL;
+        goto error_outer;
     }
 
     /* limit amount of data allocated to max_length */
     if (max_length && length > max_length)
         length = max_length;
-    if (!(RetVal = PyBytes_FromStringAndSize(NULL, length))) {
-        PyBuffer_Release(&pinput);
-        return NULL;
-    }
+    if (!(RetVal = PyBytes_FromStringAndSize(NULL, length)))
+        goto error_outer;
 
     ENTER_ZLIB(self);
 
 
  error:
     LEAVE_ZLIB(self);
+ error_outer:
     PyBuffer_Release(&pinput);
     return RetVal;
 }