Diffstat (limited to 'Objects/stringobject.c')
-rw-r--r-- | Objects/stringobject.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/Objects/stringobject.c b/Objects/stringobject.c
index 74c4b52..723918d 100644
--- a/Objects/stringobject.c
+++ b/Objects/stringobject.c
@@ -2876,7 +2876,9 @@ formatfloat(char *buf, size_t buflen, int flags,
 prec = 6;
 if (type == 'f' && fabs(x)/1e25 >= 1e25)
 type = 'g';
- sprintf(fmt, "%%%s.%d%c", (flags&F_ALT) ? "#" : "", prec, type);
+ PyOS_snprintf(fmt, sizeof(fmt), "%%%s.%d%c",
+ (flags&F_ALT) ? "#" : "",
+ prec, type);
 /* worst case length calc to ensure no buffer overrun:
 fmt = %#.<prec>g
 buf = '-' + [0-9]*prec + '.' + 'e+' + (longest exp
@@ -2889,7 +2891,7 @@ formatfloat(char *buf, size_t buflen, int flags,
 "formatted float is too long (precision too large?)");
 return -1;
 }
- sprintf(buf, fmt, x);
+ PyOS_snprintf(buf, buflen, fmt, x);
 return strlen(buf);
 }
@@ -3047,7 +3049,9 @@ formatint(char *buf, size_t buflen, int flags,
 return -1;
 if (prec < 0)
 prec = 1;
- sprintf(fmt, "%%%s.%dl%c", (flags&F_ALT) ? "#" : "", prec, type);
+ PyOS_snprintf(fmt, sizeof(fmt), "%%%s.%dl%c",
+ (flags&F_ALT) ? "#" : "",
+ prec, type);
 /* buf = '+'/'-'/'0'/'0x' + '[0-9]'*max(prec, len(x in octal))
 worst case buf = '0x' + [0-9]*prec, where prec >= 11 */
 if (buflen <= 13 || buflen <= (size_t)2 + (size_t)prec) {
@@ -3055,7 +3059,7 @@ formatint(char *buf, size_t buflen, int flags,
 "formatted integer is too long (precision too large?)");
 return -1;
 }
- sprintf(buf, fmt, x);
+ PyOS_snprintf(buf, buflen, fmt, x);
 /* When converting 0 under %#x or %#X, C leaves off the base marker,
 * but we want it (for consistency with other %#x conversions, and
 * for consistency with Python's hex() function). |
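Review bot: Neither new `PyOS_snprintf(fmt, sizeof(fmt), ...)` call (here in formatfloat and again in the third hunk, in formatint) checks its return value, so a clipped `fmt` would be passed on as the format of the later `PyOS_snprintf(buf, buflen, fmt, x)` with its conversion character missing. `sizeof(fmt)` is also only the buffer size if `fmt` is declared as an array; its declaration is outside both hunks, so that is worth confirming. Assuming a 32-bit int, the longest string these calls can build is `%#.` plus ten precision digits plus `l` plus the type character, so I would add a comment beside the declaration such as `/* fmt: "%#." + 10 digits + 'l' + type + NUL = 16 bytes max */` and keep the array at least that large.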
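Review bot: The result of `PyOS_snprintf(buf, buflen, fmt, x)` in the second hunk is discarded, so if the preceding length check underestimates the output the text is cut short without an error and `strlen(buf)` reports the truncated length as if it were the full conversion. Consider `n = PyOS_snprintf(buf, buflen, fmt, x);` followed by `if (n < 0 || (size_t)n >= buflen)` taking the same "formatted float is too long" error path the check above uses. The same applies to the call in the fourth hunk (formatint): the guard `buflen <= 13` shown in the third hunk budgets about 11 digits, which fits a 32-bit long, so if `x` is a wider long (its declaration is outside the hunks) the bounded write becomes the only protection and the base-marker fix-up that follows would operate on a truncated string. Both function bodies extend beyond the hunks.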