adafruit
diff --git a/‎ports/atmel-samd/mpconfigport.h
Lines changed: 1 addition & 2 deletions b/‎ports/atmel-samd/mpconfigport.h
Lines changed: 1 addition & 2 deletions
diff --git a/‎py/obj.h
Lines changed: 2 additions & 0 deletions b/‎py/obj.h
Lines changed: 2 additions & 0 deletions
diff --git a/‎py/objlist.c
Lines changed: 2 additions & 1 deletion b/‎py/objlist.c
Lines changed: 2 additions & 1 deletion
diff --git a/‎py/objstr.c
Lines changed: 2 additions & 1 deletion b/‎py/objstr.c
Lines changed: 2 additions & 1 deletion
diff --git a/‎py/objtuple.c
Lines changed: 2 additions & 1 deletion b/‎py/objtuple.c
Lines changed: 2 additions & 1 deletion
diff --git a/‎py/sequence.c
Lines changed: 9 additions & 0 deletions b/‎py/sequence.c
Lines changed: 9 additions & 0 deletions
@@ -54,6 +54,7 @@
 #define MICROPY_PY_DESCRIPTORS      (1)
 #define MICROPY_PY_MATH             (0)
 #define MICROPY_PY_CMATH            (0)
+#define MICROPY_PY_MICROPYTHON_MEM_INFO (0)
 #define MICROPY_PY_URANDOM          (0)
 #define MICROPY_PY_URANDOM_EXTRA_FUNCS (0)
 #define MICROPY_PY_STRUCT           (0)
@@ -256,7 +257,6 @@ extern const struct _mp_obj_module_t pixelbuf_module;
     #define MICROPY_PY_UERRNO (1)
     #define MICROPY_PY_UERRNO_ERRORCODE (0)
     #define MICROPY_PY_URE (1)
-    #define MICROPY_PY_MICROPYTHON_MEM_INFO (1)
     #ifndef MICROPY_PY_FRAMEBUF
       #define MICROPY_PY_FRAMEBUF         (0)
     #endif
@@ -342,7 +342,6 @@ extern const struct _mp_obj_module_t pixelbuf_module;
 
 #else
     #define MICROPY_PY_BUILTINS_REVERSED (0)
-    #define MICROPY_PY_MICROPYTHON_MEM_INFO (0)
     #define MICROPY_PY_FRAMEBUF         (0)
     #ifndef EXTRA_BUILTIN_MODULES
     #define EXTRA_BUILTIN_MODULES
 
@@ -844,6 +844,8 @@ typedef struct {
     mp_int_t step;
 } mp_bound_slice_t;
 
+// Compute the new length of a sequence and ensure an exception is thrown on overflow.
+size_t mp_seq_multiply_len(size_t item_sz, size_t len);
 void mp_seq_multiply(const void *items, size_t item_sz, size_t len, size_t times, void *dest);
 #if MICROPY_PY_BUILTINS_SLICE
 bool mp_seq_get_fast_slice_indexes(mp_uint_t len, mp_obj_t slice, mp_bound_slice_t *indexes);
 
@@ -126,7 +126,8 @@ STATIC mp_obj_t list_binary_op(mp_binary_op_t op, mp_obj_t lhs, mp_obj_t rhs) {
             if (n < 0) {
                 n = 0;
             }
-            mp_obj_list_t *s = list_new(o->len * n);
+            size_t new_len = mp_seq_multiply_len(o->len, n);
+            mp_obj_list_t *s = list_new(new_len);
             mp_seq_multiply(o->items, sizeof(*o->items), o->len, n, s->items);
             return MP_OBJ_FROM_PTR(s);
         }
 
@@ -332,8 +332,9 @@ mp_obj_t mp_obj_str_binary_op(mp_binary_op_t op, mp_obj_t lhs_in, mp_obj_t rhs_i
                 return mp_const_empty_bytes;
             }
         }
+        size_t new_len = mp_seq_multiply_len(lhs_len, n);
         vstr_t vstr;
-        vstr_init_len(&vstr, lhs_len * n);
+        vstr_init_len(&vstr, new_len);
         mp_seq_multiply(lhs_data, sizeof(*lhs_data), lhs_len, n, vstr.buf);
         return mp_obj_new_str_from_vstr(lhs_type, &vstr);
     }
 
@@ -160,7 +160,8 @@ mp_obj_t mp_obj_tuple_binary_op(mp_binary_op_t op, mp_obj_t lhs, mp_obj_t rhs) {
             if (n <= 0) {
                 return mp_const_empty_tuple;
             }
-            mp_obj_tuple_t *s = MP_OBJ_TO_PTR(mp_obj_new_tuple(o->len * n, NULL));
+            size_t new_len = mp_seq_multiply_len(o->len, n);
+            mp_obj_tuple_t *s = MP_OBJ_TO_PTR(mp_obj_new_tuple(new_len, NULL));
             mp_seq_multiply(o->items, sizeof(*o->items), o->len, n, s->items);
             return MP_OBJ_FROM_PTR(s);
         }
 
@@ -34,6 +34,15 @@
 
 #define SWAP(type, var1, var2) { type t = var2; var2 = var1; var1 = t; }
 
+// Detect when a multiply causes an overflow.
+size_t mp_seq_multiply_len(size_t item_sz, size_t len) {
+    size_t new_len;
+    if (__builtin_mul_overflow(item_sz, len, &new_len)) {
+        mp_raise_msg(&mp_type_OverflowError, translate("small int overflow"));
+    }
+    return new_len;
+}
+
 // Implements backend of sequence * integer operation. Assumes elements are
 // memory-adjacent in sequence.
 void mp_seq_multiply(const void *items, size_t item_sz, size_t len, size_t times, void *dest) {
Original file line number	Diff line number	Diff line change
`@@ -126,7 +126,8 @@ STATIC mp_obj_t list_binary_op(mp_binary_op_t op, mp_obj_t lhs, mp_obj_t rhs) {`
`126`	`126`	`if (n < 0) {`
`127`	`127`	`n = 0;`
`128`	`128`	`}`
`129`		`- mp_obj_list_t s = list_new(o->len n);`
	`129`	`+ size_t new_len = mp_seq_multiply_len(o->len, n);`
	`130`	`+ mp_obj_list_t *s = list_new(new_len);`
`130`	`131`	`mp_seq_multiply(o->items, sizeof(*o->items), o->len, n, s->items);`
`131`	`132`	`return MP_OBJ_FROM_PTR(s);`
`132`	`133`	`}`
Original file line number	Diff line number	Diff line change
`@@ -332,8 +332,9 @@ mp_obj_t mp_obj_str_binary_op(mp_binary_op_t op, mp_obj_t lhs_in, mp_obj_t rhs_i`
`332`	`332`	`return mp_const_empty_bytes;`
`333`	`333`	`}`
`334`	`334`	`}`
	`335`	`+ size_t new_len = mp_seq_multiply_len(lhs_len, n);`
`335`	`336`	`vstr_t vstr;`
`336`		`- vstr_init_len(&vstr, lhs_len * n);`
	`337`	`+ vstr_init_len(&vstr, new_len);`
`337`	`338`	`mp_seq_multiply(lhs_data, sizeof(*lhs_data), lhs_len, n, vstr.buf);`
`338`	`339`	`return mp_obj_new_str_from_vstr(lhs_type, &vstr);`
`339`	`340`	`}`
Original file line number	Diff line number	Diff line change
`@@ -160,7 +160,8 @@ mp_obj_t mp_obj_tuple_binary_op(mp_binary_op_t op, mp_obj_t lhs, mp_obj_t rhs) {`
`160`	`160`	`if (n <= 0) {`
`161`	`161`	`return mp_const_empty_tuple;`
`162`	`162`	`}`
`163`		`- mp_obj_tuple_t s = MP_OBJ_TO_PTR(mp_obj_new_tuple(o->len n, NULL));`
	`163`	`+ size_t new_len = mp_seq_multiply_len(o->len, n);`
	`164`	`+ mp_obj_tuple_t *s = MP_OBJ_TO_PTR(mp_obj_new_tuple(new_len, NULL));`
`164`	`165`	`mp_seq_multiply(o->items, sizeof(*o->items), o->len, n, s->items);`
`165`	`166`	`return MP_OBJ_FROM_PTR(s);`
`166`	`167`	`}`