vndb/fu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

json_format(): Fix buffer overflow in float formatting

Browse source 
The ndigit argument to Gconvert() is the number of significant digits to
format, not the size of the output buffer. D'oh.
This commit is contained in:
Yorhel 2025-04-29 13:51:28 +02:00
parent f8b0043e22
commit f52ad9a2e6
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
c/jsonfmt.c
View file

@ -244,7 +244,7 @@ static void fujson_fmt(pTHX_ fujson_fmt_ctx *ctx, SV *val) {
if (isinfnan(nv)) croak("unable to format floating point NaN or Inf as JSON"); if (isinfnan(nv)) croak("unable to format floating point NaN or Inf as JSON");
/* XXX: Cpanel::JSON::XS appears to always append a ".0" for round numbers, other modules do not. */ /* XXX: Cpanel::JSON::XS appears to always append a ".0" for round numbers, other modules do not. */
/* XXX#2: This doesn't support quadmath. Makefile.PL checks for that */ /* XXX#2: This doesn't support quadmath. Makefile.PL checks for that */
fustr_reserve(ctx->out, NV_DIG+1); fustr_reserve(ctx->out, NV_DIG+32);
Gconvert(nv, NV_DIG, 0, ctx->out->cur); Gconvert(nv, NV_DIG, 0, ctx->out->cur);
ctx->out->cur += strlen(ctx->out->cur); ctx->out->cur += strlen(ctx->out->cur);
} else if (SvIOKp(val)) { } else if (SvIOKp(val)) {