From: Philip Jenvey Date: Tue, 24 Jan 2012 05:40:09 +0000 (-0800) Subject: o null check PyObject_Repr results X-Git-Tag: rel_0_7_5~26^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=37628c2468d88f3d3ad67c0495897786df1cacb6;p=thirdparty%2Fsqlalchemy%2Fsqlalchemy.git o null check PyObject_Repr results o limit size of strings passed to PyErr_Format --- diff --git a/lib/sqlalchemy/cextension/processors.c b/lib/sqlalchemy/cextension/processors.c index 68758afc8c..b539f68430 100644 --- a/lib/sqlalchemy/cextension/processors.c +++ b/lib/sqlalchemy/cextension/processors.c @@ -74,9 +74,12 @@ str_to_datetime(PyObject *self, PyObject *arg) str = PyString_AsString(arg); if (str == NULL) { err_repr = PyObject_Repr(arg); + if (err_repr == NULL) + return NULL; PyErr_Format( PyExc_ValueError, - "Couldn't parse datetime string '%s' - value is not a string.", + "Couldn't parse datetime string '%.200s' " + "- value is not a string.", PyString_AsString(err_repr)); Py_DECREF(err_repr); return NULL; @@ -91,9 +94,11 @@ str_to_datetime(PyObject *self, PyObject *arg) if (sscanf(str, "%4u-%2u-%2u %2u:%2u:%2u.%6u", &year, &month, &day, &hour, &minute, &second, µsecond) < 6) { err_repr = PyObject_Repr(arg); + if (err_repr == NULL) + return NULL; PyErr_Format( PyExc_ValueError, - "Couldn't parse datetime string: %s", + "Couldn't parse datetime string: %.200s", PyString_AsString(err_repr)); Py_DECREF(err_repr); return NULL; @@ -115,9 +120,11 @@ str_to_time(PyObject *self, PyObject *arg) str = PyString_AsString(arg); if (str == NULL) { err_repr = PyObject_Repr(arg); + if (err_repr == NULL) + return NULL; PyErr_Format( PyExc_ValueError, - "Couldn't parse time string '%s' - value is not a string.", + "Couldn't parse time string '%.200s' - value is not a string.", PyString_AsString(err_repr)); Py_DECREF(err_repr); return NULL; @@ -132,9 +139,11 @@ str_to_time(PyObject *self, PyObject *arg) if (sscanf(str, "%2u:%2u:%2u.%6u", &hour, &minute, &second, µsecond) < 3) { err_repr = PyObject_Repr(arg); + if (err_repr == NULL) + return NULL; PyErr_Format( PyExc_ValueError, - "Couldn't parse time string: %s", + "Couldn't parse time string: %.200s", PyString_AsString(err_repr)); Py_DECREF(err_repr); return NULL; @@ -155,9 +164,11 @@ str_to_date(PyObject *self, PyObject *arg) str = PyString_AsString(arg); if (str == NULL) { err_repr = PyObject_Repr(arg); + if (err_repr == NULL) + return NULL; PyErr_Format( PyExc_ValueError, - "Couldn't parse date string '%s' - value is not a string.", + "Couldn't parse date string '%.200s' - value is not a string.", PyString_AsString(err_repr)); Py_DECREF(err_repr); return NULL; @@ -165,9 +176,11 @@ str_to_date(PyObject *self, PyObject *arg) if (sscanf(str, "%4u-%2u-%2u", &year, &month, &day) != 3) { err_repr = PyObject_Repr(arg); + if (err_repr == NULL) + return NULL; PyErr_Format( PyExc_ValueError, - "Couldn't parse date string: %s", + "Couldn't parse date string: %.200s", PyString_AsString(err_repr)); Py_DECREF(err_repr); return NULL; diff --git a/lib/sqlalchemy/cextension/resultproxy.c b/lib/sqlalchemy/cextension/resultproxy.c index cfc0e3530e..64b6855faa 100644 --- a/lib/sqlalchemy/cextension/resultproxy.c +++ b/lib/sqlalchemy/cextension/resultproxy.c @@ -298,7 +298,7 @@ BaseRowProxy_subscript(BaseRowProxy *self, PyObject *key) return NULL; PyErr_Format(exception, - "Ambiguous column name '%s' in result set! " + "Ambiguous column name '%.200s' in result set! " "try 'use_labels' option on select statement.", cstr_key); return NULL; }