Integer Overflow Crash On bytearray()

[pabstersac]

BPO	27549
Nosy	@serhiy-storchaka, @zhangyangyu

^{Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.}

Show more details

GitHub fields:

assignee = None
closed_at = <Date 2016-07-18.06:30:33.605>
created_at = <Date 2016-07-18.05:54:59.736>
labels = ['invalid']
title = 'Integer Overflow Crash On bytearray()'
updated_at = <Date 2016-07-18.06:30:33.559>
user = 'https://bugs.python.org/pabstersac'

bugs.python.org fields:

activity = <Date 2016-07-18.06:30:33.559>
actor = 'serhiy.storchaka'
assignee = 'none'
closed = True
closed_date = <Date 2016-07-18.06:30:33.605>
closer = 'serhiy.storchaka'
components = []
creation = <Date 2016-07-18.05:54:59.736>
creator = 'pabstersac'
dependencies = []
files = []
hgrepos = []
issue_num = 27549
keywords = []
message_count = 3.0
messages = ['270703', '270715', '270721']
nosy_count = 3.0
nosy_names = ['serhiy.storchaka', 'xiang.zhang', 'pabstersac']
pr_nums = []
priority = 'normal'
resolution = 'not a bug'
stage = 'resolved'
status = 'closed'
superseder = None
type = None
url = 'https://bugs.python.org/issue27549'
versions = ['Python 3.5', 'Python 3.6']

[pabstersac]

There is an integer overflow because python doesn't check the length correctly on bytearray:
bytearray(0xFFFFFFFFFFFFFFF**10000000000**80000000000000000)
That will not return an overflow message, and even though my hex knowledge is very bad I do believe 0xFFFFFFFFFFFFFFF**10000000000**80000000000000000 is more than 0xFFFFFFFFFFFFFFFF which does return a overflow message.
Hope it helps ;)

[zhangyangyu]

So if it doesn't return an overflow message, what does it returns?

[serhiy-storchaka]

See msg270712.