diff options
| author | Curl Upstream <curl-library@cool.haxx.se> | 2020-08-19 07:37:28 (GMT) |
|---|---|---|
| committer | Brad King <brad.king@kitware.com> | 2020-08-19 16:44:30 (GMT) |
| commit | 7ceb56989f8ab3a4e1b1f2c48c9a0f382b85ec04 (patch) | |
| tree | 936c40c921e79b8eabd623181d78167188bbc810 /lib/mprintf.c | |
| parent | 4446fda8e019a0138bec1aa2d83a720d63019ff9 (diff) | |
| download | CMake-7ceb56989f8ab3a4e1b1f2c48c9a0f382b85ec04.zip CMake-7ceb56989f8ab3a4e1b1f2c48c9a0f382b85ec04.tar.gz CMake-7ceb56989f8ab3a4e1b1f2c48c9a0f382b85ec04.tar.bz2 | |
curl 2020-08-19 (9d954e49)
Code extracted from:
https://github.com/curl/curl.git
at commit 9d954e49bce3706a9a2efb119ecd05767f0f2a9e (curl-7_72_0).
Diffstat (limited to 'lib/mprintf.c')
| -rw-r--r-- | lib/mprintf.c | 26 |
1 files changed, 20 insertions, 6 deletions
diff --git a/lib/mprintf.c b/lib/mprintf.c index 63c9d11..80735be 100644 --- a/lib/mprintf.c +++ b/lib/mprintf.c @@ -178,12 +178,14 @@ static long dprintf_DollarString(char *input, char **end) { int number = 0; while(ISDIGIT(*input)) { - number *= 10; - number += *input-'0'; + if(number < MAX_PARAMETERS) { + number *= 10; + number += *input - '0'; + } input++; } - if(number && ('$'==*input++)) { - *end = input; + if(number <= MAX_PARAMETERS && ('$' == *input)) { + *end = ++input; return number; } return 0; @@ -377,6 +379,8 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto, if(width > max_param) max_param = width; break; + case '\0': + fmt--; default: break; } @@ -458,6 +462,9 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto, /* we have the width specified from a parameter, so we make that parameter's info setup properly */ long k = width - 1; + if((k < 0) || (k >= MAX_PARAMETERS)) + /* out of allowed range */ + return 1; vto[i].width = k; vto[k].type = FORMAT_WIDTH; vto[k].flags = FLAGS_NEW; @@ -469,6 +476,9 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto, /* we have the precision specified from a parameter, so we make that parameter's info setup properly */ long k = precision - 1; + if((k < 0) || (k >= MAX_PARAMETERS)) + /* out of allowed range */ + return 1; vto[i].precision = k; vto[k].type = FORMAT_WIDTH; vto[k].flags = FLAGS_NEW; @@ -476,7 +486,7 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto, vto[k].width = 0; vto[k].precision = 0; } - *endpos++ = fmt + 1; /* end of this sequence */ + *endpos++ = fmt + ((*fmt == '\0') ? 0 : 1); /* end of this sequence */ } } @@ -754,7 +764,7 @@ static int dprintf_formatf( if(prec > 0) { width -= prec; - while(prec-- > 0) + while(prec-- > 0 && w >= work) *w-- = '0'; } @@ -918,6 +928,8 @@ static int dprintf_formatf( precision */ size_t maxprec = sizeof(work) - 2; double val = p->data.dnum; + if(width > 0 && prec <= width) + maxprec -= width; while(val >= 10.0) { val /= 10; maxprec--; @@ -925,6 +937,8 @@ static int dprintf_formatf( if(prec > (long)maxprec) prec = (long)maxprec-1; + if(prec < 0) + prec = 0; /* RECURSIVE USAGE */ len = curl_msnprintf(fptr, left, ".%ld", prec); fptr += len; |