[New-bugs-announce] [issue10829] PyUnicode_FromFormatV() bugs with "%" and "%%" format strings

STINNER Victor report at bugs.python.org
Wed Jan 5 01:46:43 CET 2011

New submission from STINNER Victor <victor.stinner at haypocalc.com>:

Steps 1 and 3 of PyUnicode_FromFormatV() doesn't handle the format string "%%" correctly. The loop responsible to skip the precision moves outside the format string, and the function will then read uninitialized memory. The loop:

             while (*++f && *f != '%' && !Py_ISALPHA((unsigned)*f))

This is another issue:

    for (f = format; *f; f++) {
         if (*f == '%') {
             if (*(f+1)=='%')

continue only skips the first %: with "%%", the second % will be interpreted (and not escaped).

Attached patch fixes the issue, but I don't feal confortable with this ugly function, and I would appreciate a review :-) The patch adds unit tests.

I found the bug when trying to add new tests before trying to implement "%zi" format. I was first surprised that "%zi" (and %li and %lli) is not supported, but now I am surprised because I found bugs :-)

components: Interpreter Core, Unicode
files: pyunicode_fromformatv.patch
keywords: patch
messages: 125387
nosy: amaury.forgeotdarc, haypo
priority: normal
severity: normal
status: open
title: PyUnicode_FromFormatV() bugs with "%" and "%%" format strings
versions: Python 2.6, Python 2.7, Python 3.1, Python 3.2
Added file: http://bugs.python.org/file20262/pyunicode_fromformatv.patch

Python tracker <report at bugs.python.org>

More information about the New-bugs-announce mailing list