[pypy-commit] pypy sandbox-2: Be safe and always enable a check that was meant only for Windows
arigo
pypy.commits at gmail.com
Fri Aug 9 13:58:04 EDT 2019
Author: Armin Rigo <arigo at tunes.org>
Branch: sandbox-2
Changeset: r97130:a781f28cb336
Date: 2019-08-09 19:57 +0200
http://bitbucket.org/pypy/pypy/changeset/a781f28cb336/
Log: Be safe and always enable a check that was meant only for Windows
but that makes sense in case there's an attack on the platform's
strftime()
diff --git a/pypy/module/time/interp_time.py b/pypy/module/time/interp_time.py
--- a/pypy/module/time/interp_time.py
+++ b/pypy/module/time/interp_time.py
@@ -639,7 +639,7 @@
if rffi.getintfield(buf_value, 'c_tm_isdst') < -1 or rffi.getintfield(buf_value, 'c_tm_isdst') > 1:
raise oefmt(space.w_ValueError, "daylight savings flag out of range")
- if _WIN:
+ if _WIN or space.config.translation.sandbox:
# check that the format string contains only valid directives
length = len(format)
i = 0
More information about the pypy-commit
mailing list