Issue #24917: time_strftime() Buffer Over-read. Patch by John Leitch.

author: Steve Dower <steve.dower@microsoft.com> 2015-09-06 03:55:34 (GMT)
committer: Steve Dower <steve.dower@microsoft.com> 2015-09-06 03:55:34 (GMT)
commit: 0fba9b324f061a4c8af9f39c3d0befdf29e2a216 (patch)
tree: d537f3a799cbb0d16f5931d0792edb0db0b42da6 /Modules
parent: ca3f435fe6b5de970848eb3a5d8f8e6cd5d2f73c (diff)
download: cpython-0fba9b324f061a4c8af9f39c3d0befdf29e2a216.zip
cpython-0fba9b324f061a4c8af9f39c3d0befdf29e2a216.tar.gz
cpython-0fba9b324f061a4c8af9f39c3d0befdf29e2a216.tar.bz2
1 files changed, 6 insertions, 0 deletions
diff --git a/Modules/timemodule.c b/Modules/timemodule.c
index d0917a4..f729594 100644
--- a/Modules/timemodule.c
+++ b/Modules/timemodule.c
@@ -662,6 +662,12 @@ time_strftime(PyObject *self, PyObject *args)
                             "format %y requires year >= 1900 on AIX");
             return NULL;
         }
+        else if (outbuf[1] == '\0')
+        {
+            PyErr_SetString(PyExc_ValueError, "Incomplete format string");
+            Py_DECREF(format);
+            return NULL;
+        }
     }
 #endif
author	Steve Dower <steve.dower@microsoft.com>	2015-09-06 03:55:34 (GMT)
committer	Steve Dower <steve.dower@microsoft.com>	2015-09-06 03:55:34 (GMT)
commit	0fba9b324f061a4c8af9f39c3d0befdf29e2a216 (patch)
tree	d537f3a799cbb0d16f5931d0792edb0db0b42da6 /Modules
parent	ca3f435fe6b5de970848eb3a5d8f8e6cd5d2f73c (diff)
download	cpython-0fba9b324f061a4c8af9f39c3d0befdf29e2a216.zip cpython-0fba9b324f061a4c8af9f39c3d0befdf29e2a216.tar.gz cpython-0fba9b324f061a4c8af9f39c3d0befdf29e2a216.tar.bz2