From f52ad9a2e6ae0b55072f078e8d3668bf8ffe397a Mon Sep 17 00:00:00 2001
From: Yorhel
Date: Tue, 29 Apr 2025 13:51:28 +0200
Subject: [PATCH] json_format(): Fix buffer overflow in float formatting

The ndigit argument to Gconvert() is the number of significant digits to format, not the size of the output buffer. D'oh.
---
 c/jsonfmt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/c/jsonfmt.c b/c/jsonfmt.c
index fff3e4f..a6d46a4 100644
--- a/c/jsonfmt.c
+++ b/c/jsonfmt.c
@@ -244,7 +244,7 @@ static void fujson_fmt(pTHX_ fujson_fmt_ctx *ctx, SV *val) {
 if (isinfnan(nv)) croak("unable to format floating point NaN or Inf as JSON");
 /* XXX: Cpanel::JSON::XS appears to always append a ".0" for round numbers, other modules do not. */
 /* XXX#2: This doesn't support quadmath. Makefile.PL checks for that */
- fustr_reserve(ctx->out, NV_DIG+1);
+ fustr_reserve(ctx->out, NV_DIG+32);
 Gconvert(nv, NV_DIG, 0, ctx->out->cur);
 ctx->out->cur += strlen(ctx->out->cur);
 } else if (SvIOKp(val)) {
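Review bot: The `+32` in `fustr_reserve(ctx->out, NV_DIG+32)` is an unexplained margin, and because `Gconvert()` is given no buffer size, this reservation is the only thing bounding the write into `ctx->out->cur`. For `%g`-style output the worst case is a sign, NV_DIG digits, a decimal point, `e`, an exponent sign, the exponent digits and the NUL, so 32 looks comfortably sufficient, but that reasoning should sit next to the call, e.g. `/* Gconvert() cannot be given a size; worst case is sign + NV_DIG digits + '.' + 'e' + sign + exponent + NUL, far below NV_DIG+32 */`. The diffstat shows only c/jsonfmt.c changed, so no regression test accompanies the fix; a test that formats a negative value with a full mantissa and a large negative exponent would exercise the longest output. The enclosing branch of fujson_fmt starts and ends outside the hunk, and fustr_reserve's exact contract is not visible here.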