diff options
| author | Philip Jenvey <pjenvey@underboss.org> | 2012-01-23 21:40:09 -0800 |
|---|---|---|
| committer | Philip Jenvey <pjenvey@underboss.org> | 2012-01-23 21:40:09 -0800 |
| commit | 37628c2468d88f3d3ad67c0495897786df1cacb6 (patch) | |
| tree | 231b3b4bf04e0f5fd0d70e5066bcb64b7506b30c /lib/sqlalchemy/cextension | |
| parent | f02433d7aafe1eba9c4f90863d1d4de6673ab1db (diff) | |
| download | sqlalchemy-37628c2468d88f3d3ad67c0495897786df1cacb6.tar.gz | |
o null check PyObject_Repr results
o limit size of strings passed to PyErr_Format
Diffstat (limited to 'lib/sqlalchemy/cextension')
| -rw-r--r-- | lib/sqlalchemy/cextension/processors.c | 25 | ||||
| -rw-r--r-- | lib/sqlalchemy/cextension/resultproxy.c | 2 |
2 files changed, 20 insertions, 7 deletions
diff --git a/lib/sqlalchemy/cextension/processors.c b/lib/sqlalchemy/cextension/processors.c index 68758afc8..b539f6843 100644 --- a/lib/sqlalchemy/cextension/processors.c +++ b/lib/sqlalchemy/cextension/processors.c @@ -74,9 +74,12 @@ str_to_datetime(PyObject *self, PyObject *arg) str = PyString_AsString(arg); if (str == NULL) { err_repr = PyObject_Repr(arg); + if (err_repr == NULL) + return NULL; PyErr_Format( PyExc_ValueError, - "Couldn't parse datetime string '%s' - value is not a string.", + "Couldn't parse datetime string '%.200s' " + "- value is not a string.", PyString_AsString(err_repr)); Py_DECREF(err_repr); return NULL; @@ -91,9 +94,11 @@ str_to_datetime(PyObject *self, PyObject *arg) if (sscanf(str, "%4u-%2u-%2u %2u:%2u:%2u.%6u", &year, &month, &day, &hour, &minute, &second, µsecond) < 6) { err_repr = PyObject_Repr(arg); + if (err_repr == NULL) + return NULL; PyErr_Format( PyExc_ValueError, - "Couldn't parse datetime string: %s", + "Couldn't parse datetime string: %.200s", PyString_AsString(err_repr)); Py_DECREF(err_repr); return NULL; @@ -115,9 +120,11 @@ str_to_time(PyObject *self, PyObject *arg) str = PyString_AsString(arg); if (str == NULL) { err_repr = PyObject_Repr(arg); + if (err_repr == NULL) + return NULL; PyErr_Format( PyExc_ValueError, - "Couldn't parse time string '%s' - value is not a string.", + "Couldn't parse time string '%.200s' - value is not a string.", PyString_AsString(err_repr)); Py_DECREF(err_repr); return NULL; @@ -132,9 +139,11 @@ str_to_time(PyObject *self, PyObject *arg) if (sscanf(str, "%2u:%2u:%2u.%6u", &hour, &minute, &second, µsecond) < 3) { err_repr = PyObject_Repr(arg); + if (err_repr == NULL) + return NULL; PyErr_Format( PyExc_ValueError, - "Couldn't parse time string: %s", + "Couldn't parse time string: %.200s", PyString_AsString(err_repr)); Py_DECREF(err_repr); return NULL; @@ -155,9 +164,11 @@ str_to_date(PyObject *self, PyObject *arg) str = PyString_AsString(arg); if (str == NULL) { err_repr = PyObject_Repr(arg); + if (err_repr == NULL) + return NULL; PyErr_Format( PyExc_ValueError, - "Couldn't parse date string '%s' - value is not a string.", + "Couldn't parse date string '%.200s' - value is not a string.", PyString_AsString(err_repr)); Py_DECREF(err_repr); return NULL; @@ -165,9 +176,11 @@ str_to_date(PyObject *self, PyObject *arg) if (sscanf(str, "%4u-%2u-%2u", &year, &month, &day) != 3) { err_repr = PyObject_Repr(arg); + if (err_repr == NULL) + return NULL; PyErr_Format( PyExc_ValueError, - "Couldn't parse date string: %s", + "Couldn't parse date string: %.200s", PyString_AsString(err_repr)); Py_DECREF(err_repr); return NULL; diff --git a/lib/sqlalchemy/cextension/resultproxy.c b/lib/sqlalchemy/cextension/resultproxy.c index cfc0e3530..64b6855fa 100644 --- a/lib/sqlalchemy/cextension/resultproxy.c +++ b/lib/sqlalchemy/cextension/resultproxy.c @@ -298,7 +298,7 @@ BaseRowProxy_subscript(BaseRowProxy *self, PyObject *key) return NULL; PyErr_Format(exception, - "Ambiguous column name '%s' in result set! " + "Ambiguous column name '%.200s' in result set! " "try 'use_labels' option on select statement.", cstr_key); return NULL; } |