Overview

File CVE-2021-33430-bufovrflw-ctors-DoS.patch of Package python2-numpy.22423

From 16f7824b4d935b6aee98298ca4123d57174a6f2e Mon Sep 17 00:00:00 2001
From: yetanothercheer <yetanothercheer@protonmail.com>
Date: Tue, 11 May 2021 14:28:37 +0800
Subject: [PATCH] BUG: fix potential buffer overflow(#18939)

---
 numpy/core/src/multiarray/ctors.c |   16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

--- a/numpy/core/src/multiarray/ctors.c
+++ b/numpy/core/src/multiarray/ctors.c
@@ -928,6 +928,14 @@ PyArray_NewFromDescr_int(PyTypeObject *s
     int i;
     npy_intp nbytes;
 
+    if ((unsigned int)nd > (unsigned int)NPY_MAXDIMS) {
+        PyErr_Format(PyExc_ValueError,
+                     "number of dimensions must be within [0, %d]",
+                     NPY_MAXDIMS);
+        Py_DECREF(descr);
+        return NULL;
+    }
+
     if (descr->subarray) {
         PyObject *ret;
         npy_intp newdims[2*NPY_MAXDIMS];
@@ -947,14 +955,6 @@ PyArray_NewFromDescr_int(PyTypeObject *s
         return ret;
     }
 
-    if ((unsigned int)nd > (unsigned int)NPY_MAXDIMS) {
-        PyErr_Format(PyExc_ValueError,
-                     "number of dimensions must be within [0, %d]",
-                     NPY_MAXDIMS);
-        Py_DECREF(descr);
-        return NULL;
-    }
-
     /* Check datatype element size */
     nbytes = descr->elsize;
     if (PyDataType_ISUNSIZED(descr)) {
openSUSE Build Service is sponsored by
Places