diff options
author | Georg Brandl <georg@python.org> | 2008-06-10 17:40:04 (GMT) |
---|---|---|
committer | Georg Brandl <georg@python.org> | 2008-06-10 17:40:04 (GMT) |
commit | f78e02b79862ac555fe052240bda55fa770a2d6f (patch) | |
tree | 885defd9b02e7865a9475b1d18b9c91a1fb8e93a /Python | |
parent | 4066186c8934d66ac1ac795c7380a68468ad157a (diff) | |
download | cpython-f78e02b79862ac555fe052240bda55fa770a2d6f.zip cpython-f78e02b79862ac555fe052240bda55fa770a2d6f.tar.gz cpython-f78e02b79862ac555fe052240bda55fa770a2d6f.tar.bz2 |
Merged revisions 63562,63570,63728,63734,63784,63788,63802,63817,63827,63839,63887,63975,63998 via svnmerge from
svn+ssh://pythondev@svn.python.org/python/trunk
........
r63562 | martin.v.loewis | 2008-05-23 17:06:50 +0200 (Fri, 23 May 2008) | 2 lines
Patch #1722225: Support QNX 6.
........
r63570 | trent.nelson | 2008-05-23 22:33:14 +0200 (Fri, 23 May 2008) | 1 line
Introduce a user macro named $(externalsDir), which should point to the root directory of where all the external sources should live. Developers can change this value if their external sources live elsewhere. The default of '..\..' matches the current status quo.
........
r63728 | gregory.p.smith | 2008-05-26 23:16:34 +0200 (Mon, 26 May 2008) | 4 lines
Fix issue2589: there was a potential integer overflow leading to
memory corruption on esoteric platforms and incorrect behavior on
normal platforms.
........
r63734 | gregory.p.smith | 2008-05-27 00:07:28 +0200 (Tue, 27 May 2008) | 3 lines
Fix issue2588: Do not execute str[size-1] = '\0' when a 0 size is
passed in. (The assert won't prevent this in non-debug builds).
........
r63784 | raymond.hettinger | 2008-05-29 10:38:23 +0200 (Thu, 29 May 2008) | 1 line
Fix two typos.
........
r63788 | facundo.batista | 2008-05-29 18:39:26 +0200 (Thu, 29 May 2008) | 6 lines
Fixed the semantic of timeout for socket.create_connection and
all the upper level libraries that use it, including urllib2.
Added and fixed some tests, and changed docs correspondingly.
Thanks to John J Lee for the patch and the pusing, :)
........
r63802 | mark.dickinson | 2008-05-30 04:46:53 +0200 (Fri, 30 May 2008) | 2 lines
Fix typo in testSum
........
r63817 | raymond.hettinger | 2008-05-30 20:20:50 +0200 (Fri, 30 May 2008) | 8 lines
* Mark intermedidate computes values (hi, lo, yr) as volatile.
* Expand comments.
* Swap variable names in the sum_exact code so that x and y
are consistently chosen as the larger and smaller magnitude
values respectively.
........
r63827 | raymond.hettinger | 2008-05-31 05:24:31 +0200 (Sat, 31 May 2008) | 1 line
Implement heapq in terms of less-than (to match list.sort()).
........
r63839 | gerhard.haering | 2008-05-31 23:33:27 +0200 (Sat, 31 May 2008) | 2 lines
Fixed rowcount for SELECT statements. They're -1 now (again), for better DB-API 2.0 compliance.
........
r63887 | gregory.p.smith | 2008-06-02 06:05:52 +0200 (Mon, 02 Jun 2008) | 4 lines
Fix issue 2782: be less strict about the format string type in strftime.
Accept unicode and anything else ParseTuple "s#" can deal with. This
matches the time.strftime behavior.
........
r63975 | neal.norwitz | 2008-06-06 06:47:01 +0200 (Fri, 06 Jun 2008) | 3 lines
Aldo Cortesi confirmed this is still needed for OpenBSD 4.2 and 4.3.
(I didn't regen configure, since I don't have a working autoconf.)
........
r63998 | raymond.hettinger | 2008-06-06 23:47:51 +0200 (Fri, 06 Jun 2008) | 1 line
Issue 3501: Make heapq support both __le__ and __lt__.
........
Diffstat (limited to 'Python')
-rw-r--r-- | Python/mysnprintf.c | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/Python/mysnprintf.c b/Python/mysnprintf.c index 4d3770d..3173863 100644 --- a/Python/mysnprintf.c +++ b/Python/mysnprintf.c @@ -54,18 +54,28 @@ int PyOS_vsnprintf(char *str, size_t size, const char *format, va_list va) { int len; /* # bytes written, excluding \0 */ -#ifndef HAVE_SNPRINTF +#ifdef HAVE_SNPRINTF +#define _PyOS_vsnprintf_EXTRA_SPACE 1 +#else +#define _PyOS_vsnprintf_EXTRA_SPACE 512 char *buffer; #endif assert(str != NULL); assert(size > 0); assert(format != NULL); + /* We take a size_t as input but return an int. Sanity check + * our input so that it won't cause an overflow in the + * vsnprintf return value or the buffer malloc size. */ + if (size > INT_MAX - _PyOS_vsnprintf_EXTRA_SPACE) { + len = -666; + goto Done; + } #ifdef HAVE_SNPRINTF len = vsnprintf(str, size, format, va); #else /* Emulate it. */ - buffer = PyMem_MALLOC(size + 512); + buffer = PyMem_MALLOC(size + _PyOS_vsnprintf_EXTRA_SPACE); if (buffer == NULL) { len = -666; goto Done; @@ -75,7 +85,7 @@ PyOS_vsnprintf(char *str, size_t size, const char *format, va_list va) if (len < 0) /* ignore the error */; - else if ((size_t)len >= size + 512) + else if ((size_t)len >= size + _PyOS_vsnprintf_EXTRA_SPACE) Py_FatalError("Buffer overflow in PyOS_snprintf/PyOS_vsnprintf"); else { @@ -86,8 +96,10 @@ PyOS_vsnprintf(char *str, size_t size, const char *format, va_list va) str[to_copy] = '\0'; } PyMem_FREE(buffer); -Done: #endif - str[size-1] = '\0'; +Done: + if (size > 0) + str[size-1] = '\0'; return len; +#undef _PyOS_vsnprintf_EXTRA_SPACE } |