diff options
| author | Anthony Baxter <anthonybaxter@gmail.com> | 2001-12-21 03:49:31 (GMT) |
|---|---|---|
| committer | Anthony Baxter <anthonybaxter@gmail.com> | 2001-12-21 03:49:31 (GMT) |
| commit | ba5a3f2ebb31f4d131314820d5dda5506c06fa60 (patch) | |
| tree | f9034c78b8998878a73bf9d67ad2cd3fbed5ab4e /Python | |
| parent | 8d0b5adf1501568f9de8b6d7b86cbb7e9d25c77e (diff) | |
| download | cpython-ba5a3f2ebb31f4d131314820d5dda5506c06fa60.zip cpython-ba5a3f2ebb31f4d131314820d5dda5506c06fa60.tar.gz cpython-ba5a3f2ebb31f4d131314820d5dda5506c06fa60.tar.bz2 | |
backport 2.35:
SF bug 485175: buffer overflow in
traceback.c. Bugfix candidate. tb_displayline(): the sprintf
format was choking off the file name, but used plain %s for the
function name (which can be arbitrarily long). Limit both to 500
chars max.
Diffstat (limited to 'Python')
| -rw-r--r-- | Python/traceback.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/Python/traceback.c b/Python/traceback.c index c17dbe2..19dfc16 100644 --- a/Python/traceback.c +++ b/Python/traceback.c @@ -103,16 +103,16 @@ tb_displayline(PyObject *f, char *filename, int lineno, char *name) { int err = 0; FILE *xfp; - char linebuf[1000]; + char linebuf[2000]; int i; if (filename == NULL || name == NULL) return -1; #ifdef MPW /* This is needed by MPW's File and Line commands */ -#define FMT " File \"%.900s\"; line %d # in %s\n" +#define FMT " File \"%.500s\"; line %d # in %.500s\n" #else /* This is needed by Emacs' compile command */ -#define FMT " File \"%.900s\", line %d, in %s\n" +#define FMT " File \"%.500s\", line %d, in %.500s\n" #endif xfp = fopen(filename, "r"); if (xfp == NULL) { |