git: da5b1c42c5aa - stable/13 - strfmon: Avoid an out-of-bounds access
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 01 Nov 2022 00:46:30 UTC
The branch stable/13 has been updated by kib: URL: https://cgit.FreeBSD.org/src/commit/?id=da5b1c42c5aa6f2b4fe717ba50bf4780945fa8ca commit da5b1c42c5aa6f2b4fe717ba50bf4780945fa8ca Author: Jose Luis Duran <jlduran@gmail.com> AuthorDate: 2022-10-13 15:51:27 +0000 Commit: Konstantin Belousov <kib@FreeBSD.org> CommitDate: 2022-11-01 00:44:41 +0000 strfmon: Avoid an out-of-bounds access (cherry picked from commit 9e03b903e377c75a60cbbb89ed78955769a1c804) --- lib/libc/stdlib/strfmon.c | 5 +++-- lib/libc/tests/stdlib/strfmon_test.c | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/libc/stdlib/strfmon.c b/lib/libc/stdlib/strfmon.c index db51325bff9e..0f327585f5a2 100644 --- a/lib/libc/stdlib/strfmon.c +++ b/lib/libc/stdlib/strfmon.c @@ -239,8 +239,9 @@ vstrfmon_l(char * __restrict s, size_t maxsize, locale_t loc, free(currency_symbol); if (flags & USE_INTL_CURRENCY) { currency_symbol = strdup(lc->int_curr_symbol); - if (currency_symbol != NULL) - space_char = *(currency_symbol+3); + if (currency_symbol != NULL && + strlen(currency_symbol) > 3) + space_char = currency_symbol[3]; } else currency_symbol = strdup(lc->currency_symbol); diff --git a/lib/libc/tests/stdlib/strfmon_test.c b/lib/libc/tests/stdlib/strfmon_test.c index 3e77a4f5290f..dc328e974bb8 100644 --- a/lib/libc/tests/stdlib/strfmon_test.c +++ b/lib/libc/tests/stdlib/strfmon_test.c @@ -197,7 +197,7 @@ ATF_TC_BODY(strfmon_international_currency_code, tc) } tests[] = { { "en_US.UTF-8", "[USD 123.45]" }, /* XXX */ { "de_DE.UTF-8", "[123,45 EUR ]" }, /* XXX */ - { "C", "[123.45]" }, /* XXX OOB access */ + { "C", "[123.45]" }, }; size_t i; char actual[100];