Issue #18184: PyUnicode_FromFormat() and PyUnicode_FromFormatV() now raise

serhiy-storchaka · serhiy-storchaka · commit 8eeae2126ca7 · 2013-06-23T20:12:14.000+03:00
OverflowError when an argument of %c format is out of range.
diff --git a/Lib/test/test_unicode.py b/Lib/test/test_unicode.py
@@ -2024,6 +2024,8 @@ def PyUnicode_FromFormat(format, *args):
         # test "%c"
         self.assertEqual(PyUnicode_FromFormat(b'%c', c_int(0xabcd)), '\uabcd')
         self.assertEqual(PyUnicode_FromFormat(b'%c', c_int(0x10ffff)), '\U0010ffff')
+        with self.assertRaises(OverflowError):
+            PyUnicode_FromFormat(b'%c', c_int(0x110000))
         # Issue #18183
         self.assertEqual(
             PyUnicode_FromFormat(b'%c%c', c_int(0x10000), c_int(0x100000)),
diff --git a/Misc/NEWS b/Misc/NEWS
@@ -12,6 +12,9 @@ What's New in Python 3.3.3 release candidate 1?
 Core and Builtins
 -----------------
 
+- Issue #18184: PyUnicode_FromFormat() and PyUnicode_FromFormatV() now raise
+  OverflowError when an argument of %c format is out of range.
+
 - Issue #18137: Detect integer overflow on precision in float.__format__()
   and complex.__format__().
 
diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c
@@ -2489,8 +2489,13 @@ PyUnicode_FromFormatV(const char *format, va_list vargs)
             switch (*f) {
             case 'c':
             {
-                Py_UCS4 ordinal = va_arg(count, int);
-                maxchar = Py_MAX(maxchar, ordinal);
+                int ordinal = va_arg(count, int);
+                if (ordinal < 0 || ordinal > MAX_UNICODE) {
+                    PyErr_SetString(PyExc_OverflowError,
+                                    "%c arg not in range(0x110000)");
+                    goto fail;
+                }
+                maxchar = Py_MAX(maxchar, (Py_UCS4)ordinal);
                 n++;
                 break;
             }
