summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog9
-rw-r--r--missing/vsnprintf.c10
-rw-r--r--sprintf.c4
3 files changed, 19 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index fc20ff9d6b..9bd88e233e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+Tue Dec 23 00:16:48 2008 Yusuke Endoh <mame@tsg.ne.jp>
+
+ * sprintf.c (rb_str_format): fix buffer overflow.
+
+Mon Dec 22 12:25:09 2008 Nobuyoshi Nakada <nobu@ruby-lang.org>
+
+ * missing/vsnprintf.c (BSD_vfprintf): fix for test_sprintf_comb.rb, by
+ wanabe in [ruby-dev:36935].
+
Mon Dec 22 12:05:14 2008 Nobuyoshi Nakada <nobu@ruby-lang.org>
* configure.in (mingw): no longer uses snprintf and vsnprintf of
diff --git a/missing/vsnprintf.c b/missing/vsnprintf.c
index c4326b4634..1ea2f143c2 100644
--- a/missing/vsnprintf.c
+++ b/missing/vsnprintf.c
@@ -753,6 +753,8 @@ reswitch: switch (ch) {
#ifdef FLOATING_POINT
case 'e': /* anomalous precision */
case 'E':
+ if (prec != 0)
+ flags |= ALT;
prec = (prec == -1) ?
DEFPREC + 1 : prec + 1;
/* FALLTHROUGH */
@@ -782,7 +784,7 @@ fp_begin: _double = va_arg(ap, double);
cp = cvt(_double, prec, flags, &softsign,
&expt, ch, &ndig);
if (ch == 'g' || ch == 'G') {
- if (expt <= -4 || expt > prec)
+ if (expt <= -4 || (expt > prec && expt > 1))
ch = (ch == 'g') ? 'e' : 'E';
else
ch = 'g';
@@ -798,6 +800,8 @@ fp_begin: _double = va_arg(ap, double);
size = expt;
if (prec || flags & ALT)
size += prec + 1;
+ } else if (!prec) { /* "0" */
+ size = 1;
} else /* "0.X" */
size = prec + 2;
} else if (expt >= ndig) { /* fixed g fmt */
@@ -1008,13 +1012,15 @@ number: if ((dprec = prec) >= 0)
if (ch >= 'f') { /* 'f' or 'g' */
if (_double == 0) {
/* kludge for __dtoa irregularity */
- if (prec == 0 ||
+ if (ndig <= 1 &&
(flags & ALT) == 0) {
PRINT("0", 1);
} else {
PRINT("0.", 2);
PAD(ndig - 1, zeroes);
}
+ } else if (expt == 0 && ndig == 0 && (flags & ALT) == 0) {
+ PRINT("0", 1);
} else if (expt <= 0) {
PRINT("0.", 2);
PAD(-expt, zeroes);
diff --git a/sprintf.c b/sprintf.c
index 1195f9b17b..cc8f097e5b 100644
--- a/sprintf.c
+++ b/sprintf.c
@@ -979,8 +979,8 @@ rb_str_format(int argc, const VALUE *argv, VALUE fmt)
if ((flags & FWIDTH) && need < width)
need = width;
- CHECK(need);
- snprintf(&buf[blen], need, "%*s", need, "");
+ CHECK(need + 1);
+ snprintf(&buf[blen], need + 1, "%*s", need, "");
if (flags & FMINUS) {
if (!isnan(fval) && fval < 0.0)
buf[blen++] = '-';
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-17 21:52:29 +0000