@@ -135,6 +135,8 @@ cdef class Packer(object):
135135 else :
136136 ret = msgpack_pack_false(& self .pk)
137137 elif PyLong_Check(o):
138+ # PyInt_Check(long) is True for Python 3.
139+ # Sow we should test long before int.
138140 if o > 0 :
139141 ullval = o
140142 ret = msgpack_pack_unsigned_long_long(& self .pk, ullval)
@@ -152,30 +154,41 @@ cdef class Packer(object):
152154 dval = o
153155 ret = msgpack_pack_double(& self .pk, dval)
154156 elif PyBytes_Check(o):
155- rawval = o
156157 L = len (o)
158+ if L > (2 ** 32 )- 1 :
159+ raise ValueError (" bytes is too large"
160+ rawval = o
157161 ret = msgpack_pack_bin(& self .pk, L)
158162 if ret == 0 :
159163 ret = msgpack_pack_raw_body(& self .pk, rawval, L)
160164 elif PyUnicode_Check(o):
161165 if not self .encoding:
162166 raise TypeError (" Can't encode unicode string: no encoding is specified"
163167 o = PyUnicode_AsEncodedString(o, self .encoding, self .unicode_errors)
168+ L = len (o)
169+ if L > (2 ** 32 )- 1 :
170+ raise ValueError (" dict is too large"
164171 rawval = o
165172 ret = msgpack_pack_raw(& self .pk, len (o))
166173 if ret == 0 :
167174 ret = msgpack_pack_raw_body(& self .pk, rawval, len (o))
168175 elif PyDict_CheckExact(o):
169176 d = < dict > o
170- ret = msgpack_pack_map(& self .pk, len (d))
177+ L = len (d)
178+ if L > (2 ** 32 )- 1 :
179+ raise ValueError (" dict is too large"
180+ ret = msgpack_pack_map(& self .pk, L)
171181 if ret == 0 :
172182 for k, v in d.iteritems():
173183 ret = self ._pack(k, nest_limit- 1 )
174184 if ret != 0 : break
175185 ret = self ._pack(v, nest_limit- 1 )
176186 if ret != 0 : break
177187 elif PyDict_Check(o):
178- ret = msgpack_pack_map(& self .pk, len (o))
188+ L = len (o)
189+ if L > (2 ** 32 )- 1 :
190+ raise ValueError (" dict is too large"
191+ ret = msgpack_pack_map(& self .pk, L)
179192 if ret == 0 :
180193 for k, v in o.items():
181194 ret = self ._pack(k, nest_limit- 1 )
@@ -187,10 +200,15 @@ cdef class Packer(object):
187200 longval = o.code
188201 rawval = o.data
189202 L = len (o.data)
203+ if L > (2 ** 32 )- 1 :
204+ raise ValueError (" EXT data is too large"
190205 ret = msgpack_pack_ext(& self .pk, longval, L)
191206 ret = msgpack_pack_raw_body(& self .pk, rawval, L)
192207 elif PyTuple_Check(o) or PyList_Check(o):
193- ret = msgpack_pack_array(& self .pk, len (o))
208+ L = len (o)
209+ if L > (2 ** 32 )- 1 :
210+ raise ValueError (" list is too large"
211+ ret = msgpack_pack_array(& self .pk, L)
194212 if ret == 0 :
195213 for v in o:
196214 ret = self ._pack(v, nest_limit- 1 )
@@ -220,6 +238,8 @@ cdef class Packer(object):
220238 msgpack_pack_raw_body(& self .pk, data, len (data))
221239
222240 def pack_array_header (self , size_t size ):
241+ if size >= (2 ** 32 - 1 ):
242+ raise ValueError
223243 cdef int ret = msgpack_pack_array(& self .pk, size)
224244 if ret == - 1 :
225245 raise MemoryError
@@ -231,6 +251,8 @@ cdef class Packer(object):
231251 return buf
232252
233253 def pack_map_header (self , size_t size ):
254+ if size >= (2 ** 32 - 1 ):
255+ raise ValueError
234256 cdef int ret = msgpack_pack_map(& self .pk, size)
235257 if ret == - 1 :
236258 raise MemoryError
0 commit comments