git: da5b1c42c5aa - stable/13 - strfmon: Avoid an out-of-bounds access
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 01 Nov 2022 00:46:30 UTC
The branch stable/13 has been updated by kib:
URL: https://cgit.FreeBSD.org/src/commit/?id=da5b1c42c5aa6f2b4fe717ba50bf4780945fa8ca
commit da5b1c42c5aa6f2b4fe717ba50bf4780945fa8ca
Author: Jose Luis Duran <jlduran@gmail.com>
AuthorDate: 2022-10-13 15:51:27 +0000
Commit: Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2022-11-01 00:44:41 +0000
strfmon: Avoid an out-of-bounds access
(cherry picked from commit 9e03b903e377c75a60cbbb89ed78955769a1c804)
---
lib/libc/stdlib/strfmon.c | 5 +++--
lib/libc/tests/stdlib/strfmon_test.c | 2 +-
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/lib/libc/stdlib/strfmon.c b/lib/libc/stdlib/strfmon.c
index db51325bff9e..0f327585f5a2 100644
--- a/lib/libc/stdlib/strfmon.c
+++ b/lib/libc/stdlib/strfmon.c
@@ -239,8 +239,9 @@ vstrfmon_l(char * __restrict s, size_t maxsize, locale_t loc,
free(currency_symbol);
if (flags & USE_INTL_CURRENCY) {
currency_symbol = strdup(lc->int_curr_symbol);
- if (currency_symbol != NULL)
- space_char = *(currency_symbol+3);
+ if (currency_symbol != NULL &&
+ strlen(currency_symbol) > 3)
+ space_char = currency_symbol[3];
} else
currency_symbol = strdup(lc->currency_symbol);
diff --git a/lib/libc/tests/stdlib/strfmon_test.c b/lib/libc/tests/stdlib/strfmon_test.c
index 3e77a4f5290f..dc328e974bb8 100644
--- a/lib/libc/tests/stdlib/strfmon_test.c
+++ b/lib/libc/tests/stdlib/strfmon_test.c
@@ -197,7 +197,7 @@ ATF_TC_BODY(strfmon_international_currency_code, tc)
} tests[] = {
{ "en_US.UTF-8", "[USD 123.45]" }, /* XXX */
{ "de_DE.UTF-8", "[123,45 EUR ]" }, /* XXX */
- { "C", "[123.45]" }, /* XXX OOB access */
+ { "C", "[123.45]" },
};
size_t i;
char actual[100];