Message125387
Steps 1 and 3 of PyUnicode_FromFormatV() doesn't handle the format string "%%" correctly. The loop responsible to skip the precision moves outside the format string, and the function will then read uninitialized memory. The loop:
while (*++f && *f != '%' && !Py_ISALPHA((unsigned)*f))
;
This is another issue:
for (f = format; *f; f++) {
if (*f == '%') {
if (*(f+1)=='%')
continue;
...
continue only skips the first %: with "%%", the second % will be interpreted (and not escaped).
Attached patch fixes the issue, but I don't feal confortable with this ugly function, and I would appreciate a review :-) The patch adds unit tests.
I found the bug when trying to add new tests before trying to implement "%zi" format. I was first surprised that "%zi" (and %li and %lli) is not supported, but now I am surprised because I found bugs :-) |
|
Date |
User |
Action |
Args |
2011-01-05 00:46:43 | vstinner | set | recipients:
+ vstinner, amaury.forgeotdarc |
2011-01-05 00:46:43 | vstinner | set | messageid: <1294188403.72.0.24360709681.issue10829@psf.upfronthosting.co.za> |
2011-01-05 00:46:25 | vstinner | link | issue10829 messages |
2011-01-05 00:46:25 | vstinner | create | |
|