From b5be6d48190418a58f0a49b4a4d5f476560f6a64 Mon Sep 17 00:00:00 2001
From: Amaury Forgeot d'Arc
Date: Mon, 2 Mar 2009 23:52:57 +0000
Subject: [PATCH] re-merge r69268 (issue4804) from trunk: Now that the C runtime assertions are not silenced any more, we must provide checks for the format string of strftime
---
 Modules/timemodule.c | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
diff --git a/Modules/timemodule.c b/Modules/timemodule.c
index 7e180862bb..2727297792 100644
--- a/Modules/timemodule.c
+++ b/Modules/timemodule.c
@@ -513,6 +513,24 @@ time_strftime(PyObject *self, PyObject *args)
 if (format == NULL)
 return NULL;
 fmt = PyBytes_AS_STRING(format);
+
+#ifdef MS_WINDOWS
+ /* check that the format string contains only valid directives */
+ for(outbuf = strchr(fmt, '%');
+ outbuf != NULL;
+ outbuf = strchr(outbuf+2, '%'))
+ {
+ if (outbuf[1]=='#')
+ ++outbuf; /* not documented by python, */
+ if (outbuf[1]=='\0' ||
+ !strchr("aAbBcdfHIjmMpSUwWxXyYzZ%", outbuf[1]))
+ {
+ PyErr_SetString(PyExc_ValueError, "Invalid format string");
+ return 0;
+ }
+ }
+#endif
+
 fmtlen = strlen(fmt);
 
 /* I hate these functions that presume you know how big the output
-- 
2.50.1
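Review bot: The rejection branch exits with `return 0;` while `format` is still held, so if `format` is an owned reference created just above the hunk (its creation is not visible here, so confirm), every rejected format string leaks one bytes object, on a path that caller-supplied input can reach. Consider `Py_DECREF(format); return NULL;` there, which also matches the `return NULL;` used by the context lines of this PyObject*-returning function. The explicit `outbuf[1]=='\0'` test deserves a comment such as `/* strchr() also matches the terminator, so a trailing '%' must be rejected explicitly */`, since removing it would silently accept a dangling `%`. The loop borrows `outbuf` as a scan cursor; a dedicated local would read more clearly, but the declarations and the rest of time_strftime lie outside the hunk.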