bpo-35552: Fix reading past the end in PyUnicode_FromFormat() and PyBytes_FromFormat(). (GH-11276) Format characters "%s" and "%V" in PyUnicode_FromFormat() and "%s" in PyBytes_FromFormat() no longer read memory past the limit if precision is specified. (cherry picked from commit d586ccb04f79863c819b212ec5b9d873964078e4) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>

commit: cbc7c2c791185ad44b4b3ede72309df5f252f4cb [log] [tgz]
author: Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> Sat Jan 12 00:52:55 2019 -0800
committer: GitHub <noreply@github.com> Sat Jan 12 00:52:55 2019 -0800
tree: 9b7e2027e156fc4d7d735180bbafd9a1d9115f89
parent: d39c19255910b9dce08c595f511597e98b09e91f [diff] [blame]
diff --git a/Objects/bytesobject.c b/Objects/bytesobject.c
index 5f9e1ec..172c7f3 100644
--- a/Objects/bytesobject.c
+++ b/Objects/bytesobject.c

@@ -311,9 +311,15 @@
             Py_ssize_t i;
 
             p = va_arg(vargs, const char*);
-            i = strlen(p);
-            if (prec > 0 && i > prec)
-                i = prec;
+            if (prec <= 0) {
+                i = strlen(p);
+            }
+            else {
+                i = 0;
+                while (i < prec && p[i]) {
+                    i++;
+                }
+            }
             s = _PyBytesWriter_WriteBytes(&writer, s, p, i);
             if (s == NULL)
                 goto error;
commit	cbc7c2c791185ad44b4b3ede72309df5f252f4cb	[log] [tgz]
author	Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>	Sat Jan 12 00:52:55 2019 -0800
committer	GitHub <noreply@github.com>	Sat Jan 12 00:52:55 2019 -0800
tree	9b7e2027e156fc4d7d735180bbafd9a1d9115f89
parent	d39c19255910b9dce08c595f511597e98b09e91f [diff] [blame]