gh-99426: Use PyUnicode_FromFormat() and PyErr_Format() instead of sprintf (GH-99427)

serhiy-storchaka · web-flow · commit 3fe7d7c020a8 · 2022-11-14T15:25:34.000+02:00
diff --git a/Modules/_ctypes/callproc.c b/Modules/_ctypes/callproc.c
@@ -1880,7 +1880,6 @@ POINTER(PyObject *self, PyObject *cls)
     PyObject *result;
     PyTypeObject *typ;
     PyObject *key;
-    char *buf;
 
     result = PyDict_GetItemWithError(_ctypes_ptrtype_cache, cls);
     if (result) {
@@ -1890,18 +1889,11 @@ POINTER(PyObject *self, PyObject *cls)
         return NULL;
     }
     if (PyUnicode_CheckExact(cls)) {
-        const char *name = PyUnicode_AsUTF8(cls);
-        if (name == NULL)
-            return NULL;
-        buf = PyMem_Malloc(strlen(name) + 3 + 1);
-        if (buf == NULL)
-            return PyErr_NoMemory();
-        sprintf(buf, "LP_%s", name);
+        PyObject *name = PyUnicode_FromFormat("LP_%U", cls);
         result = PyObject_CallFunction((PyObject *)Py_TYPE(&PyCPointer_Type),
-                                       "s(O){}",
-                                       buf,
+                                       "N(O){}",
+                                       name,
                                        &PyCPointer_Type);
-        PyMem_Free(buf);
         if (result == NULL)
             return result;
         key = PyLong_FromVoidPtr(result);
@@ -1911,16 +1903,12 @@ POINTER(PyObject *self, PyObject *cls)
         }
     } else if (PyType_Check(cls)) {
         typ = (PyTypeObject *)cls;
-        buf = PyMem_Malloc(strlen(typ->tp_name) + 3 + 1);
-        if (buf == NULL)
-            return PyErr_NoMemory();
-        sprintf(buf, "LP_%s", typ->tp_name);
+        PyObject *name = PyUnicode_FromFormat("LP_%s", typ->tp_name);
         result = PyObject_CallFunction((PyObject *)Py_TYPE(&PyCPointer_Type),
-                                       "s(O){sO}",
-                                       buf,
+                                       "N(O){sO}",
+                                       name,
                                        &PyCPointer_Type,
                                        "_type_", cls);
-        PyMem_Free(buf);
         if (result == NULL)
             return result;
         key = Py_NewRef(cls);
diff --git a/Modules/_gdbmmodule.c b/Modules/_gdbmmodule.c
@@ -675,7 +675,6 @@ dbmopen_impl(PyObject *module, PyObject *filename, const char *flags,
         return NULL;
     }
     for (flags++; *flags != '\0'; flags++) {
-        char buf[40];
         switch (*flags) {
 #ifdef GDBM_FAST
             case 'f':
@@ -693,9 +692,8 @@ dbmopen_impl(PyObject *module, PyObject *filename, const char *flags,
                 break;
 #endif
             default:
-                PyOS_snprintf(buf, sizeof(buf), "Flag '%c' is not supported.",
-                              *flags);
-                PyErr_SetString(state->gdbm_error, buf);
+                PyErr_Format(state->gdbm_error,
+                             "Flag '%c' is not supported.", (unsigned char)*flags);
                 return NULL;
         }
     }
diff --git a/Modules/pyexpat.c b/Modules/pyexpat.c
@@ -1365,9 +1365,7 @@ xmlparse_buffer_size_setter(xmlparseobject *self, PyObject *v, void *closure)
 
     /* check maximum */
     if (new_buffer_size > INT_MAX) {
-        char errmsg[100];
-        sprintf(errmsg, "buffer_size must not be greater than %i", INT_MAX);
-        PyErr_SetString(PyExc_ValueError, errmsg);
+        PyErr_Format(PyExc_ValueError, "buffer_size must not be greater than %i", INT_MAX);
         return -1;
     }
 

Original file line number	Diff line number	Diff line change
`@@ -675,7 +675,6 @@ dbmopen_impl(PyObject module, PyObject filename, const char *flags,`
`675`	`675`	`return NULL;`
`676`	`676`	`}`
`677`	`677`	`for (flags++; *flags != '\0'; flags++) {`
`678`		`- char buf[40];`
`679`	`678`	`switch (*flags) {`
`680`	`679`	`#ifdef GDBM_FAST`
`681`	`680`	`case 'f':`
`@@ -693,9 +692,8 @@ dbmopen_impl(PyObject module, PyObject filename, const char *flags,`
`693`	`692`	`break;`
`694`	`693`	`#endif`
`695`	`694`	`default:`
`696`		`- PyOS_snprintf(buf, sizeof(buf), "Flag '%c' is not supported.",`
`697`		`- *flags);`
`698`		`- PyErr_SetString(state->gdbm_error, buf);`
	`695`	`+ PyErr_Format(state->gdbm_error,`
	`696`	`+ "Flag '%c' is not supported.", (unsigned char)*flags);`
`699`	`697`	`return NULL;`
`700`	`698`	`}`
`701`	`699`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1365,9 +1365,7 @@ xmlparse_buffer_size_setter(xmlparseobject self, PyObject v, void *closure)`
`1365`	`1365`
`1366`	`1366`	`/* check maximum */`
`1367`	`1367`	`if (new_buffer_size > INT_MAX) {`
`1368`		`- char errmsg[100];`
`1369`		`- sprintf(errmsg, "buffer_size must not be greater than %i", INT_MAX);`
`1370`		`- PyErr_SetString(PyExc_ValueError, errmsg);`
	`1368`	`+ PyErr_Format(PyExc_ValueError, "buffer_size must not be greater than %i", INT_MAX);`
`1371`	`1369`	`return -1;`
`1372`	`1370`	`}`
`1373`	`1371`