Issue #24917: time_strftime() Buffer Over-read. Patch by John Leitch.

author Steve Dower <steve.dower@microsoft.com>

Sun, 6 Sep 2015 03:55:34 +0000 (20:55 -0700)

committer Steve Dower <steve.dower@microsoft.com>

Sun, 6 Sep 2015 03:55:34 +0000 (20:55 -0700)
author Steve Dower <steve.dower@microsoft.com>
Sun, 6 Sep 2015 03:55:34 +0000 (20:55 -0700)
committer Steve Dower <steve.dower@microsoft.com>
Sun, 6 Sep 2015 03:55:34 +0000 (20:55 -0700)
diff --git a/Misc/NEWS b/Misc/NEWS

index dd175fead46e030d58893938c2bb7a1795a7d149..834e20a815886c825aa7692a2e8678de444630ee 100644 (file)
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -84,6 +84,8 @@ Library
  - Issue #16180: Exit pdb if file has syntax error, instead of trapping user
    in an infinite loop.  Patch by Xavier de Gaye.
  
+- Issue #24917: time_strftime() Buffer Over-read. Patch by John Leitch.
+
  - Issue #21112: Fix regression in unittest.expectedFailure on subclasses.
    Patch from Berker Peksag.
  
diff --git a/Modules/timemodule.c b/Modules/timemodule.c

index d0917a40730b813cd2ee7575e8694b9e16507175..f7295946917eaf84728e7955ca2e9a86eb9b038b 100644 (file)
--- a/Modules/timemodule.c
+++ b/Modules/timemodule.c
@@ -662,6 +662,12 @@ time_strftime(PyObject *self, PyObject *args)
                              "format %y requires year >= 1900 on AIX");
              return NULL;
          }
+        else if (outbuf[1] == '\0')
+        {
+            PyErr_SetString(PyExc_ValueError, "Incomplete format string");
+            Py_DECREF(format);
+            return NULL;
+        }
      }
  #endif
author	Steve Dower <steve.dower@microsoft.com>
	Sun, 6 Sep 2015 03:55:34 +0000 (20:55 -0700)
committer	Steve Dower <steve.dower@microsoft.com>
	Sun, 6 Sep 2015 03:55:34 +0000 (20:55 -0700)
Misc/NEWS		patch \| blob \| history
Modules/timemodule.c		patch \| blob \| history