Re: [PATCH 1/2] printf: fix heap buffer overflow in printf_builtin
From: Chet Ramey
Subject: Re: [PATCH 1/2] printf: fix heap buffer overflow in printf_builtin
Date: Sat, 31 Aug 2024 15:28:42 -0400
User-agent: Mozilla Thunderbird

On 8/30/24 10:41 AM, Martin D Kealey wrote:

> Hi Andrei
>
> Ok, I see the problem.
>
> This fault is triggered when the format string has '%(' but is missing the
> closing ')' - so the entire remainder of the format string is tentatively
> recorded as the time-format substring.

Yes.

> This line:
>
>     if (*++fmt != 'T')
>
> should be changed to:
>
>     if (n > 0 || *++fmt != 'T')

I prefer checking whether *fmt == ')', which is equivalent but clearer.

--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU chet@case.edu http://tiswww.cwru.edu/~chet/
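
The check discussed in this message, as an added example that is not part of the original post and is not bash's source: a self-contained scanner for a `%(...)T` spec that confirms it stopped on `)` before advancing to look for `T`. The function name `scan_time_spec`, its buffer interface and the sample inputs are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not bash's code: fmt points just past the "%(" of a
 * time conversion. Copies the time-format substring into out and returns
 * the offset of the character after the closing 'T', or -1 when the spec is
 * unterminated, too long for out, or not followed by 'T'. */
static long scan_time_spec(const char *fmt, char *out, size_t outsz)
{
    const char *p = fmt;
    size_t used = 0;
    int n = 1;                      /* open-paren depth, the n of the thread */

    for (; *p != '\0'; p++) {
        if (*p == '(')
            n++;
        else if (*p == ')' && --n == 0)
            break;                  /* p rests on the matching ')' */
        if (used + 1 >= outsz)
            return -1;              /* never write past the caller's buffer */
        out[used++] = *p;
    }
    out[used] = '\0';

    /* If the loop ran off the end, p rests on the NUL terminator. Stepping
     * forward to look for 'T' from there would read past the end of the
     * string, so confirm we stopped on ')' before looking at p[1]. */
    if (*p != ')' || p[1] != 'T')
        return -1;
    return (long)(p + 2 - fmt);
}

int main(void)
{
    /* Constructed sample inputs: the text that follows "%(" in a format. */
    const char *samples[] = { "%Y-%m-%d)T done", "%H:%M", "a(b)c)T", "%s)x" };
    char buf[64];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        long r = scan_time_spec(samples[i], buf, sizeof buf);
        printf("%-18s -> %ld%s%s\n", samples[i], r,
               r < 0 ? "" : " timefmt=", r < 0 ? "" : buf);
    }
    return 0;
}
```

The second sample is the case from the thread: no closing `)`, so the whole remainder is copied as the time format and the scanner must reject it without touching the byte after the terminator.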