Merged revisions 70682,70684 via svnmerge from

mdickinson · mdickinson · commit 4feda2abc287 · 2009-03-29T16:34:21.000Z
svn+ssh://pythondev@svn.python.org/python/trunk

........
  r70682 | mark.dickinson | 2009-03-29 17:17:16 +0100 (Sun, 29 Mar 2009) | 3 lines

  Issue #532631:  Add paranoid check to avoid potential buffer overflow
  on systems with sizeof(int) &gt; 4.
........
  r70684 | mark.dickinson | 2009-03-29 17:24:29 +0100 (Sun, 29 Mar 2009) | 3 lines

  Issue #532631: Apply floatformat changes to unicodeobject.c
  as well as stringobject.c.
........
diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c
@@ -8847,6 +8847,15 @@ formatfloat(Py_UNICODE *buf,
         return -1;
     if (prec < 0)
         prec = 6;
+    /* make sure that the decimal representation of precision really does
+       need at most 10 digits: platforms with sizeof(int) == 8 exist! */
+    if (prec > 0x7fffffffL) {
+        PyErr_SetString(PyExc_OverflowError,
+                        "outrageously large precision "
+                        "for formatted float");
+        return -1;
+    }
+
     if (type == 'f' && fabs(x) >= 1e50)
         type = 'g';
     /* Worst case length calc to ensure no buffer overrun:
