From: Amaury Forgeot d'Arc
Date: Mon, 2 Mar 2009 23:52:57 +0000 (+0000)
Subject: re-merge r69268 (issue4804) from trunk:
X-Git-Tag: v3.1a1~54
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b5be6d48190418a58f0a49b4a4d5f476560f6a64;p=thirdparty%2FPython%2Fcpython.git
re-merge r69268 (issue4804) from trunk: Now that the C runtime assertions are not silenced any more, we must provide checks for the format string of strftime
---
diff --git a/Modules/timemodule.c b/Modules/timemodule.c
index 7e180862bb59..27272977922c 100644
--- a/Modules/timemodule.c
+++ b/Modules/timemodule.c
@@ -513,6 +513,24 @@ time_strftime(PyObject *self, PyObject *args)
 if (format == NULL)
 return NULL;
 fmt = PyBytes_AS_STRING(format);
+
+#ifdef MS_WINDOWS
+ /* check that the format string contains only valid directives */
+ for(outbuf = strchr(fmt, '%');
+ outbuf != NULL;
+ outbuf = strchr(outbuf+2, '%'))
+ {
+ if (outbuf[1]=='#')
+ ++outbuf; /* not documented by python, */
+ if (outbuf[1]=='\0' ||
+ !strchr("aAbBcdfHIjmMpSUwWxXyYzZ%", outbuf[1]))
+ {
+ PyErr_SetString(PyExc_ValueError, "Invalid format string");
+ return 0;
+ }
+ }
+#endif
+
 fmtlen = strlen(fmt);

 /* I hate these functions that presume you know how big the output
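Review bot: The new error branch inside the `#ifdef MS_WINDOWS` loop returns without releasing `format`, which the context lines just above NULL-check and then read through `PyBytes_AS_STRING`, so it appears to be an owned bytes object created before the hunk; if so, every rejected format string leaks one reference. Because the format string is caller-supplied, repeated invalid input would grow memory steadily. I would change the branch to `Py_DECREF(format);` followed by `return NULL;`, matching the `return NULL;` in the context above instead of `return 0;`. A comment stating that the allowlist exists because the Windows C runtime asserts on unknown directives, plus a dedicated `const char *` cursor instead of reusing `outbuf`, would make the intent clearer. time_strftime starts and ends outside the hunk, so how `format` is released on the other exit paths should be confirmed there.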