commit 5db862dd0cae0077b09a765220bb358e0e129449
author Guido van Rossum <guido@python.org> Mon Apr 10 12:46:51 2000 +0000
committer Guido van Rossum <guido@python.org> Mon Apr 10 12:46:51 2000 +0000
tree 997e545b6dab223b7828d96ac9c39f26e5fe4d14
parent fa972c987c394507ca6fb76de5ef0b47e9301226

Skip Montanaro: add string precisions to calls to PyErr_Format
to prevent possible buffer overruns.

Python/ceval.c

diff --git a/Python/ceval.c b/Python/ceval.c
index f225446..989e17f 100644
--- a/Python/ceval.c
+++ b/Python/ceval.c
@@ -2513,7 +2513,7 @@
 	else {
 		if (!PyFunction_Check(func)) {
 			PyErr_Format(PyExc_TypeError,
-				     "call of non-function (type %s)",
+				     "call of non-function (type %.200s)",
 				     func->ob_type->tp_name);
 			return NULL;
 		}

Python/dynload_next.c

diff --git a/Python/dynload_next.c b/Python/dynload_next.c
index 5088b05..08a6d7c 100644
--- a/Python/dynload_next.c
+++ b/Python/dynload_next.c
@@ -185,7 +185,9 @@
 		if (!NSIsSymbolNameDefined(funcname)) {
 			/* UnlinkModule() isn't implimented in current versions, but calling it does no harm */
 			NSUnLinkModule(newModule, FALSE);
-			PyErr_Format(PyExc_ImportError, "Loaded module does not contain symbol %s", funcname);
+			PyErr_Format(PyExc_ImportError,
+				     "Loaded module does not contain symbol %.200s",
+				     funcname);
 			return NULL;
 		}
 		theSym = NSLookupAndBindSymbol(funcname);