mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-09-26 18:29:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

I'm not sure why this code allocates this string for the error message.

Browse source 
I think it would be better to always use snprintf and have the format
limit the size of the name appropriately (like %.200s).

Klocwork #340
This commit is contained in:
Neal Norwitz 2006-08-12 01:57:47 +00:00
parent ef0de023db
commit b45f351832
1 changed files with 11 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

13
Modules/unicodedata.c
View file

@ -1078,6 +1078,7 @@ unicodedata_lookup(PyObject* self, PyObject* args)
{ {
Py_UCS4 code; Py_UCS4 code;
Py_UNICODE str[1]; Py_UNICODE str[1];
char errbuf[256];
char* name; char* name;
int namelen; int namelen;
@ -1085,11 +1086,19 @@ unicodedata_lookup(PyObject* self, PyObject* args)
return NULL; return NULL;
if (!_getcode(self, name, namelen, &code)) { if (!_getcode(self, name, namelen, &code)) {
/* XXX(nnorwitz): why are we allocating for the error msg?
Why not always use snprintf? */
char fmt[] = "undefined character name '%s'"; char fmt[] = "undefined character name '%s'";
char *buf = PyMem_MALLOC(sizeof(fmt) + namelen); char *buf = PyMem_MALLOC(sizeof(fmt) + namelen);
sprintf(buf, fmt, name); if (buf)
sprintf(buf, fmt, name);
else {
buf = errbuf;
PyOS_snprintf(buf, sizeof(errbuf), fmt, name);
}
PyErr_SetString(PyExc_KeyError, buf); PyErr_SetString(PyExc_KeyError, buf);
PyMem_FREE(buf); if (buf != errbuf)
PyMem_FREE(buf);
return NULL; return NULL;
} }