[Patches] Fix for bug PR#341

M.-A. Lemburg mal@lemburg.com
Sat, 27 May 2000 17:50:42 +0200 

This is a multi-part message in MIME format.
--------------0B3EA3054A6AAE2C2F90D62D
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Patch Set Contents:
-------------------

Objects/stringobject.c:

Fix to avoid buffer overruns in %-formatting of integers.

Objects/unicodeobject.c:

Fix to avoid buffer overruns in %-formatting of integers.

_____________________________________________________________________
License Transfer:

I confirm that, to the best of my knowledge and belief, this
contribution is free of any claims of third parties under copyright,
patent or other rights or interests ("claims").  To the extent that I
have any such claims, I hereby grant to CNRI a nonexclusive,
irrevocable, royalty-free, worldwide license to reproduce, distribute,
perform and/or display publicly, prepare derivative versions, and
otherwise use this contribution as part of the Python software and its
related documentation, or any derivative versions thereof, at no cost
to CNRI or its licensed users, and to authorize others to do so.

I acknowledge that CNRI may, at its sole discretion, decide whether or
not to incorporate this contribution in the Python software and its
related documentation.  I further grant CNRI permission to use my name
and other identifying information provided to CNRI by me for use in
connection with the Python software and its related documentation.

-- 
Marc-Andre Lemburg
______________________________________________________________________
Business:                                      http://www.lemburg.com/
Python Pages:                           http://www.lemburg.com/python/
--------------0B3EA3054A6AAE2C2F90D62D
Content-Type: text/plain; charset=us-ascii;
 name="precision.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="precision.patch"

Only in CVS-Python: .cvsignore
diff -u -rbP -x *.o -x *.pyc -x Makefile -x *~ -x *.so -x add2lib -x pgen -x buildno -x core -x config.* -x libpython* -x python -x Setup -x Setup.local -x Setup.thread -x hassignal -x Makefile.pre -x configure -x *.bak -x *.s -x DEADJOE -x *.rej -x *.orig -x Demo -x CVS -x Doc -x *.orig -x .#* -x distutils -x PCbuild -x *.py -x ACKS -x *.txt -x README CVS-Python/Objects/stringobject.c Python+Unicode/Objects/stringobject.c
--- CVS-Python/Objects/stringobject.c	Mon May  8 16:08:05 2000
+++ Python+Unicode/Objects/stringobject.c	Sat May 27 17:42:43 2000
@@ -2353,6 +2353,10 @@
 		return -1;
 	if (prec < 0)
 		prec = 1;
+	if (prec > 50) {
+		PyErr_SetString(PyExc_ValueError, "precision must be <= 50");
+		return -1;
+	}
 	sprintf(fmt, "%%%s.%dl%c", (flags&F_ALT) ? "#" : "", prec, type);
 	sprintf(buf, fmt, x);
 	return strlen(buf);
diff -u -rbP -x *.o -x *.pyc -x Makefile -x *~ -x *.so -x add2lib -x pgen -x buildno -x core -x config.* -x libpython* -x python -x Setup -x Setup.local -x Setup.thread -x hassignal -x Makefile.pre -x configure -x *.bak -x *.s -x DEADJOE -x *.rej -x *.orig -x Demo -x CVS -x Doc -x *.orig -x .#* -x distutils -x PCbuild -x *.py -x ACKS -x *.txt -x README CVS-Python/Objects/unicodeobject.c Python+Unicode/Objects/unicodeobject.c
--- CVS-Python/Objects/unicodeobject.c	Tue May  9 21:54:43 2000
+++ Python+Unicode/Objects/unicodeobject.c	Sat May 27 17:43:07 2000
@@ -4254,6 +4254,10 @@
 	return -1;
     if (prec < 0)
 	prec = 1;
+    if (prec > 50) {
+	PyErr_SetString(PyExc_ValueError, "precision must be <= 50");
+	return -1;
+    }
     sprintf(fmt, "%%%s.%dl%c", (flags & F_ALT) ? "#" : "", prec, type);
     return usprintf(buf, fmt, x);
 }
Only in CVS-Python: .cvsignore

--------------0B3EA3054A6AAE2C2F90D62D--