[Python-checkins] cpython (merge 3.5 -> default): Issue #24917: time_strftime() Buffer Over-read. Patch by John Leitch.

steve.dower python-checkins at python.org
Sun Sep 6 06:02:06 CEST 2015


https://hg.python.org/cpython/rev/6fc744ac3953
changeset:   97697:6fc744ac3953
parent:      97691:abc416ca59fc
parent:      97696:7cdadcc1002d
user:        Steve Dower <steve.dower at microsoft.com>
date:        Sat Sep 05 21:00:33 2015 -0700
summary:
  Issue #24917: time_strftime() Buffer Over-read. Patch by John Leitch.

files:
  Lib/test/test_time.py |   6 ++++++
  Misc/NEWS             |   2 ++
  Modules/timemodule.c  |  12 ++++++++++++
  3 files changed, 20 insertions(+), 0 deletions(-)


diff --git a/Lib/test/test_time.py b/Lib/test/test_time.py
--- a/Lib/test/test_time.py
+++ b/Lib/test/test_time.py
@@ -177,6 +177,12 @@
     def test_strftime_bounding_check(self):
         self._bounds_checking(lambda tup: time.strftime('', tup))
 
+    def test_strftime_format_check(self):
+        for x in [ '', 'A', '%A', '%AA' ]:
+            for y in range(0x0, 0x10):
+                for z in [ '%', 'A%', 'AA%', '%A%', 'A%A%', '%#' ]:
+                    self.assertRaises(ValueError, time.strftime, x * y + z)
+
     def test_default_values_for_zero(self):
         # Make sure that using all zeros uses the proper default
         # values.  No test for daylight savings since strftime() does
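Review bot: The `assertRaises(ValueError, ...)` in `test_strftime_format_check` is unconditional, but the check that raises is added inside preprocessor-conditional code in Modules/timemodule.c. The second copy sits under `#elif (defined(_AIX) || defined(sun)) && defined(HAVE_WCSFTIME)`, and the condition guarding the first copy is outside the diff. On a build where neither branch is compiled, the C library may accept a trailing `%`, so the test would fail there even though nothing is over-read. Since the goal is that these inputs are handled safely, tolerate both outcomes with `try: time.strftime(x * y + z)` followed by `except ValueError: pass`. A short comment should also say that the nested loops exist to place an incomplete directive at the end of format strings of varying length.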
diff --git a/Misc/NEWS b/Misc/NEWS
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -179,6 +179,8 @@
 Library
 -------
 
+- Issue #24917: time_strftime() Buffer Over-read. Patch by John Leitch.
+
 - Issue #24635: Fixed a bug in typing.py where isinstance([], typing.Iterable)
   would return True once, then False on subsequent calls.
 
diff --git a/Modules/timemodule.c b/Modules/timemodule.c
--- a/Modules/timemodule.c
+++ b/Modules/timemodule.c
@@ -623,6 +623,12 @@
             Py_DECREF(format);
             return NULL;
         }
+        else if (outbuf[1] == '\0')
+        {
+            PyErr_SetString(PyExc_ValueError, "Incomplete format string");
+            Py_DECREF(format);
+            return NULL;
+        }
     }
 #elif (defined(_AIX) || defined(sun)) && defined(HAVE_WCSFTIME)
     for(outbuf = wcschr(fmt, '%');
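Review bot: The added `else if (outbuf[1] == '\0')` branch has no comment explaining why a trailing `%` must be rejected at this point, and the reason cannot be read from the branch alone. The loop header is outside this hunk; if it resumes the search two characters past the `%`, as the commit title suggests, a format ending in `%` would start the next search beyond the terminator. A comment such as `/* a lone trailing '%' would let the next search start past the NUL (Issue #24917) */` would record that. The same block is repeated in the AIX/sun branch in the next hunk, so the comment belongs on both copies.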
@@ -636,6 +642,12 @@
                             "format %y requires year >= 1900 on AIX");
             return NULL;
         }
+        else if (outbuf[1] == '\0')
+        {
+            PyErr_SetString(PyExc_ValueError, "Incomplete format string");
+            Py_DECREF(format);
+            return NULL;
+        }
     }
 #endif
 
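Review bot: The new error path in the AIX/sun branch calls `Py_DECREF(format)`, while the existing `%y` error path two lines above it returns NULL without releasing `format` at all, so one of the two is wrong. The declaration of `format` is outside the hunk, but this branch requires `HAVE_WCSFTIME` and walks `fmt` with `wcschr`, which suggests `format` is a wide-character buffer here rather than a `PyObject *`. If so, `Py_DECREF` on it would corrupt memory on exactly the error path meant to stop an over-read. The buffer should be released with the matching deallocator instead, e.g. `PyMem_Free(format);` if it came from `PyUnicode_AsWideCharString`, and the `%y` path should get the same release. For consistency with the wide string, the comparison would also read better as `outbuf[1] == L'\0'`.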

-- 
Repository URL: https://hg.python.org/cpython

