[Python-checkins] cpython (merge 3.3 -> default): (Merge 3.3) Issue #18137: Detect integer overflow on precision in

victor.stinner python-checkins at python.org
Sun Jun 23 14:57:37 CEST 2013 

http://hg.python.org/cpython/rev/81fef2666ebb
changeset:   84267:81fef2666ebb
parent:      84265:e5427b0b2bf7
parent:      84266:ef5175d08e7e
user:        Victor Stinner <victor.stinner at gmail.com>
date:        Sun Jun 23 14:55:43 2013 +0200
summary:
  (Merge 3.3) Issue #18137: Detect integer overflow on precision in
float.__format__() and complex.__format__().

files:
  Lib/test/test_format.py    |  17 +++++++++++++++++
  Misc/NEWS                  |   3 +++
  Python/formatter_unicode.c |  16 ++++++++++++++--
  3 files changed, 34 insertions(+), 2 deletions(-)


diff --git a/Lib/test/test_format.py b/Lib/test/test_format.py
--- a/Lib/test/test_format.py
+++ b/Lib/test/test_format.py
@@ -331,6 +331,23 @@
 def test_main():
     support.run_unittest(FormatTest)
 
+    def test_precision(self):
+        INT_MAX = 2147483647
+
+        f = 1.2
+        self.assertEqual(format(f, ".0f"), "1")
+        self.assertEqual(format(f, ".3f"), "1.200")
+        with self.assertRaises(ValueError) as cm:
+            format(f, ".%sf" % (INT_MAX + 1))
+        self.assertEqual(str(cm.exception), "precision too big")
+
+        c = complex(f)
+        self.assertEqual(format(f, ".0f"), "1")
+        self.assertEqual(format(f, ".3f"), "1.200")
+        with self.assertRaises(ValueError) as cm:
+            format(f, ".%sf" % (INT_MAX + 1))
+        self.assertEqual(str(cm.exception), "precision too big")
+
 
 if __name__ == "__main__":
     unittest.main()
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -10,6 +10,9 @@
 Core and Builtins
 -----------------
 
+- Issue #18137: Detect integer overflow on precision in float.__format__()
+  and complex.__format__().
+
 - Issue #15767: Introduce ModuleNotFoundError which is raised when a module
   could not be found.
 
diff --git a/Python/formatter_unicode.c b/Python/formatter_unicode.c
--- a/Python/formatter_unicode.c
+++ b/Python/formatter_unicode.c
@@ -982,7 +982,7 @@
     Py_ssize_t n_total;
     int has_decimal;
     double val;
-    Py_ssize_t precision = format->precision;
+    Py_ssize_t precision;
     Py_ssize_t default_precision = 6;
     Py_UCS4 type = format->type;
     int add_pct = 0;
@@ -999,6 +999,12 @@
        from a hard-code pseudo-locale */
     LocaleInfo locale = STATIC_LOCALE_INFO_INIT;
 
+    if (format->precision > INT_MAX) {
+        PyErr_SetString(PyExc_ValueError, "precision too big");
+        goto done;
+    }
+    precision = (int)format->precision;
+
     if (format->alternate)
         flags |= Py_DTSF_ALT;
 
@@ -1132,7 +1138,7 @@
     Py_ssize_t n_im_total;
     int re_has_decimal;
     int im_has_decimal;
-    Py_ssize_t precision = format->precision;
+    int precision;
     Py_ssize_t default_precision = 6;
     Py_UCS4 type = format->type;
     Py_ssize_t i_re;
@@ -1160,6 +1166,12 @@
        from a hard-code pseudo-locale */
     LocaleInfo locale = STATIC_LOCALE_INFO_INIT;
 
+    if (format->precision > INT_MAX) {
+        PyErr_SetString(PyExc_ValueError, "precision too big");
+        goto done;
+    }
+    precision = (int)format->precision;
+
     /* Zero padding is not allowed. */
     if (format->fill_char == '0') {
         PyErr_SetString(PyExc_ValueError,

-- 
Repository URL: http://hg.python.org/cpython

More information about the Python-checkins mailing list