diff options
| author | jim <jim@13f79535-47bb-0310-9956-ffa450edef68> | 2002-12-09 20:21:18 +0000 |
|---|---|---|
| committer | jim <jim@13f79535-47bb-0310-9956-ffa450edef68> | 2002-12-09 20:21:18 +0000 |
| commit | 6c55927ba0b4a30aa5f20fc03b3312f8670cf6f8 (patch) | |
| tree | 2fb99ae4004c143dbc38376e3dc6427b1cf8e1ac /strings | |
| parent | c83d702ed557fd9b57bba020eccde0b8cfc0ccdb (diff) | |
| download | libapr-6c55927ba0b4a30aa5f20fc03b3312f8670cf6f8.tar.gz | |
Get rid of somewhat long-standing issue regarding large values
of precision causing a buffer to be clobbered in the vformatter
function (eg: apr_snprintf)
PR:
Obtained from:
Submitted by:
Reviewed by:
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/trunk@64132 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'strings')
| -rw-r--r-- | strings/apr_snprintf.c | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/strings/apr_snprintf.c b/strings/apr_snprintf.c index b282f246b..aac28bfc6 100644 --- a/strings/apr_snprintf.c +++ b/strings/apr_snprintf.c @@ -321,15 +321,21 @@ static char *apr_gcvt(double number, int ndigit, char *buf, boolean_e altform) * This macro does zero padding so that the precision * requirement is satisfied. The padding is done by * adding '0's to the left of the string that is going - * to be printed. + * to be printed. We don't allow precision to be large + * enough that we continue past the start of s. + * + * NOTE: this makes use of the magic info that s is + * always based on num_buf with a size of NUM_BUF_SIZE. */ #define FIX_PRECISION(adjust, precision, s, s_len) \ - if (adjust) \ - while (s_len < precision) \ + if (adjust) { \ + int p = precision < NUM_BUF_SIZE - 1 ? precision : NUM_BUF_SIZE - 1; \ + while (s_len < p) \ { \ *--s = '0'; \ s_len++; \ - } + } \ + } /* * Macro that does padding. The padding is done by printing @@ -784,10 +790,6 @@ APR_DECLARE(int) apr_vformatter(int (*flush_func)(apr_vformatter_buff_t *), /* * Check if a precision was specified - * - * XXX: an unreasonable amount of precision may be specified - * resulting in overflow of num_buf. Currently we - * ignore this possibility. */ if (*fmt == '.') { adjust_precision = YES; |