When the number of bytes written to the malloc'ed buffer is larger

than the argument string size, copy as many bytes as will fit
(including a terminating '\0'), rather than not copying anything.
This to make it satisfy the C99 spec.

diff --git a/Python/mysnprintf.c b/Python/mysnprintf.c
index a373f4efe6d7516d38e1b7ad4f3713ccac3b5698..02f929137a426c79d0237ce8616ab9c27f44c956 100644 (file)
--- a/Python/mysnprintf.c
+++ b/Python/mysnprintf.c
@@ -40,11 +40,11 @@ int myvsnprintf(char *str, size_t size, const char  *format, va_list va)
     assert(len >= 0);
     if ((size_t)len > size + 512)
        Py_FatalError("Buffer overflow in PyOS_snprintf/PyOS_vsnprintf");
-    if ((size_t)len > size) {
-       PyMem_Free(buffer);
-       return len - 1;
-    }
-    memcpy(str, buffer, len);
+    if ((size_t)len > size)
+       buffer[size-1] = '\0';
+    else
+       size = len;
+    memcpy(str, buffer, size);
     PyMem_Free(buffer);
     return len - 1;
 }