diff options
| author | Serhiy Storchaka <storchaka@gmail.com> | 2013-06-23 17:22:09 (GMT) |
|---|---|---|
| committer | Serhiy Storchaka <storchaka@gmail.com> | 2013-06-23 17:22:09 (GMT) |
| commit | ba908c72a0ae7fe08d308f9e5b751753ecf8b6eb (patch) | |
| tree | 0115111bb0bda1850230c5a38c1436ff4f0f2172 /Objects | |
| parent | 262df4d3e8b870534270d3dc8c421dbc7ce3113a (diff) | |
| download | cpython-ba908c72a0ae7fe08d308f9e5b751753ecf8b6eb.zip cpython-ba908c72a0ae7fe08d308f9e5b751753ecf8b6eb.tar.gz cpython-ba908c72a0ae7fe08d308f9e5b751753ecf8b6eb.tar.bz2 | |
Issue #18184: PyUnicode_FromFormat() and PyUnicode_FromFormatV() now raise
OverflowError when an argument of %c format is out of range.
Diffstat (limited to 'Objects')
| -rw-r--r-- | Objects/unicodeobject.c | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c index 0ead06f..64a5ef5 100644 --- a/Objects/unicodeobject.c +++ b/Objects/unicodeobject.c @@ -740,8 +740,25 @@ PyUnicode_FromFormatV(const char *format, va_list vargs) switch (*f) { case 'c': - (void)va_arg(count, int); + { + int ordinal = va_arg(count, int); +#ifdef Py_UNICODE_WIDE + if (ordinal < 0 || ordinal > 0x10ffff) { + PyErr_SetString(PyExc_OverflowError, + "%c arg not in range(0x110000) " + "(wide Python build)"); + goto fail; + } +#else + if (ordinal < 0 || ordinal > 0xffff) { + PyErr_SetString(PyExc_OverflowError, + "%c arg not in range(0x10000) " + "(narrow Python build)"); + goto fail; + } +#endif /* fall through... */ + } case '%': n++; break; |