[issue24917] time_strftime() Buffer Over-read
eryksun
report at bugs.python.org
Mon Sep 7 00:45:38 CEST 2015
eryksun added the comment:
With MSVC, if errno is cleared before calling strftime, then when buflen == 0 you know whether it's an invalid format string (EINVAL) or maxsize is too small (ERANGE). There's no need to guess. Oddly, only EINVAL is documented, even though setting ERANGE has been in the implementation for years.
VC 10 (strftime.c):
/* error - return an empty string */
*(strstart)='\0';
/* now return our error/insufficient buffer indication */
if ( !failed && left <= 0 )
{
/* do not report this as an error to allow the caller to resize */
errno=ERANGE;
}
else
{
_VALIDATE_RETURN( FALSE, EINVAL, 0);
}
VC 14 (time/wcsftime.cpp):
// Error: return an empty string:
*string = L'\0';
// Now return our error/insufficient buffer indication:
if (!failed && remaining <= 0)
{
// Do not report this as an error to allow the caller to resize:
errno = ERANGE;
}
else
{
_VALIDATE_RETURN(false, EINVAL, 0);
}
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue24917>
_______________________________________
More information about the Python-bugs-list
mailing list