Open
Description
Feature or enhancement
For unsigned integer formats (B, H, I, k, K) in PyArg_Parse, there is no overflow check. If the Python integer value is out of range of the corresponding C type, only the lowest bits are stored, and the higher bits are silently dropped. There are two reasons for this:
- The signess of the C type accepted by the C API (like uid_t, etc) is not always known. We need to accept values that fit in corresponding both signed and unsigned C types.
- Even if the type is unsigned, some small negative integers (casted to the unsigned tyep) can have special meaning. It is convenient if we can pass -1 instead of 0xffff_ffff or 0xffff_ffff_ffff_ffff, depending on platform.
But values that cannot be represented neither in unsigned not in signed C type, are obviously invalid. Silently accepting them can provoke bugs.
At first, I propose to emit a deprecation warning for such values. Later they will became errors.