diff options
Diffstat (limited to 'lang/python24/patches/patch-bm')
-rw-r--r-- | lang/python24/patches/patch-bm | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/lang/python24/patches/patch-bm b/lang/python24/patches/patch-bm new file mode 100644 index 00000000000..2c1de4873a1 --- /dev/null +++ b/lang/python24/patches/patch-bm @@ -0,0 +1,57 @@ +$NetBSD: patch-bm,v 1.1 2008/08/07 11:20:18 drochner Exp $ + +--- Python/mysnprintf.c.orig 2001-12-21 17:32:15.000000000 +0100 ++++ Python/mysnprintf.c +@@ -54,18 +54,28 @@ int + PyOS_vsnprintf(char *str, size_t size, const char *format, va_list va) + { + int len; /* # bytes written, excluding \0 */ +-#ifndef HAVE_SNPRINTF ++#ifdef HAVE_SNPRINTF ++#define _PyOS_vsnprintf_EXTRA_SPACE 1 ++#else ++#define _PyOS_vsnprintf_EXTRA_SPACE 512 + char *buffer; + #endif + assert(str != NULL); + assert(size > 0); + assert(format != NULL); ++ /* We take a size_t as input but return an int. Sanity check ++ * our input so that it won't cause an overflow in the ++ * vsnprintf return value or the buffer malloc size. */ ++ if (size > INT_MAX - _PyOS_vsnprintf_EXTRA_SPACE) { ++ len = -666; ++ goto Done; ++ } + + #ifdef HAVE_SNPRINTF + len = vsnprintf(str, size, format, va); + #else + /* Emulate it. */ +- buffer = PyMem_MALLOC(size + 512); ++ buffer = PyMem_MALLOC(size + _PyOS_vsnprintf_EXTRA_SPACE); + if (buffer == NULL) { + len = -666; + goto Done; +@@ -75,7 +85,7 @@ PyOS_vsnprintf(char *str, size_t size, c + if (len < 0) + /* ignore the error */; + +- else if ((size_t)len >= size + 512) ++ else if ((size_t)len >= size + _PyOS_vsnprintf_EXTRA_SPACE) + Py_FatalError("Buffer overflow in PyOS_snprintf/PyOS_vsnprintf"); + + else { +@@ -86,8 +96,10 @@ PyOS_vsnprintf(char *str, size_t size, c + str[to_copy] = '\0'; + } + PyMem_FREE(buffer); +-Done: + #endif +- str[size-1] = '\0'; ++Done: ++ if (size > 0) ++ str[size-1] = '\0'; + return len; ++#undef _PyOS_vsnprintf_EXTRA_SPACE + } |