[issue24917] time_strftime() Buffer Over-read
John Leitch
report at bugs.python.org
Sun Sep 6 07:30:57 CEST 2015
John Leitch added the comment:
Yikes--your comment prompted me to look at the check-in, and it seems my patch wasn't properly applied. The curly braces got tweaked, which is minor as you stated, but more importantly the AIX code should not decref format. That could introduce problems bigger than what this patch was attempting to fix.
And, not to dwell, but where do you see a keyword immediately followed by a left parens? I want to make sure everything is properly polished in the future, and the only thing I see is the untouched "for".
Regarding your initial concerns:
1) I think we should enforce no trailing % so as to not pass format strings that may cause undefined behavior.
2) How about expecting ValueError on Windows/AIX, and pass on all other platforms?
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue24917>
_______________________________________
More information about the Python-bugs-list
mailing list