diff options
author | Victor Stinner <victor.stinner@gmail.com> | 2013-06-23 12:54:30 (GMT) |
---|---|---|
committer | Victor Stinner <victor.stinner@gmail.com> | 2013-06-23 12:54:30 (GMT) |
commit | 2f084ecfe78472b6a1a6c8b07472672176d4f848 (patch) | |
tree | 0a4c0948defc6a3019553b48800f2f2b4656368b /Python/formatter_unicode.c | |
parent | da30acf50b4ccf6751cdd6c786cbab283865a79f (diff) | |
download | cpython-2f084ecfe78472b6a1a6c8b07472672176d4f848.zip cpython-2f084ecfe78472b6a1a6c8b07472672176d4f848.tar.gz cpython-2f084ecfe78472b6a1a6c8b07472672176d4f848.tar.bz2 |
Issue #18137: Detect integer overflow on precision in float.__format__() and
complex.__format__().
Diffstat (limited to 'Python/formatter_unicode.c')
-rw-r--r-- | Python/formatter_unicode.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/Python/formatter_unicode.c b/Python/formatter_unicode.c index 17eb978..2fe446a 100644 --- a/Python/formatter_unicode.c +++ b/Python/formatter_unicode.c @@ -977,7 +977,7 @@ format_float_internal(PyObject *value, Py_ssize_t n_total; int has_decimal; double val; - Py_ssize_t precision = format->precision; + Py_ssize_t precision; Py_ssize_t default_precision = 6; Py_UCS4 type = format->type; int add_pct = 0; @@ -994,6 +994,12 @@ format_float_internal(PyObject *value, from a hard-code pseudo-locale */ LocaleInfo locale = STATIC_LOCALE_INFO_INIT; + if (format->precision > INT_MAX) { + PyErr_SetString(PyExc_ValueError, "precision too big"); + goto done; + } + precision = (int)format->precision; + if (format->alternate) flags |= Py_DTSF_ALT; @@ -1127,7 +1133,7 @@ format_complex_internal(PyObject *value, Py_ssize_t n_im_total; int re_has_decimal; int im_has_decimal; - Py_ssize_t precision = format->precision; + int precision; Py_ssize_t default_precision = 6; Py_UCS4 type = format->type; Py_ssize_t i_re; @@ -1155,6 +1161,12 @@ format_complex_internal(PyObject *value, from a hard-code pseudo-locale */ LocaleInfo locale = STATIC_LOCALE_INFO_INIT; + if (format->precision > INT_MAX) { + PyErr_SetString(PyExc_ValueError, "precision too big"); + goto done; + } + precision = (int)format->precision; + /* Zero padding is not allowed. */ if (format->fill_char == '0') { PyErr_SetString(PyExc_ValueError, |