When the number of bytes written to the malloc'ed buffer is larger

gvanrossum · gvanrossum · commit b5b475a150f3 · 2001-12-01T16:00:10.000Z
than the argument string size, copy as many bytes as will fit (including a terminating '\0'), rather than not copying anything. This to make it satisfy the C99 spec. git-svn-id: http://svn.python.org/projects/python/trunk@24439 6015fed2-1504-0410-9fe1-9d1591cc4771
diff --git a/Python/mysnprintf.c b/Python/mysnprintf.c
@@ -40,11 +40,11 @@ int myvsnprintf(char *str, size_t size, const char  *format, va_list va)
     assert(len >= 0);
     if ((size_t)len > size + 512)
 	Py_FatalError("Buffer overflow in PyOS_snprintf/PyOS_vsnprintf");
-    if ((size_t)len > size) {
-	PyMem_Free(buffer);
-	return len - 1;
-    }
-    memcpy(str, buffer, len);
+    if ((size_t)len > size)
+	buffer[size-1] = '\0';
+    else
+	size = len;
+    memcpy(str, buffer, size);
     PyMem_Free(buffer);
     return len - 1;
 }
