From: Hai Shi <shihai1992@gmail.com>
Date: Sun, 6 Oct 2019 12:17:18 +0000 (+0800)
Subject: bpo-38383: Fix possible integer overflow in startswith() of bytes and bytearray.... 
X-Git-Tag: v3.9.0a1~254
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=24ddd9c2d6ab61cbce7e68d6de36d4df9bd2c3fb;p=thirdparty%2FPython%2Fcpython.git

bpo-38383: Fix possible integer overflow in startswith() of bytes and bytearray. (GH-16603)
---

diff --git a/Objects/bytes_methods.c b/Objects/bytes_methods.c
index 37c5f7dbc804..7d1318420592 100644
--- a/Objects/bytes_methods.c
+++ b/Objects/bytes_methods.c
@@ -743,7 +743,7 @@ tailmatch(const char *str, Py_ssize_t len, PyObject *substr,
 
     if (direction < 0) {
         /* startswith */
-        if (start + slen > len)
+        if (start > len - slen)
             goto notfound;
     } else {
         /* endswith */