]> git.ipfire.org Git - thirdparty/coreutils.git/commitdiff
projects / thirdparty / coreutils.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c0756a3)
(vasnprintf) [!USE_SNPRINTF]: Correct the test for integer overflow.
authorJim Meyering <jim@meyering.net>
Mon, 7 Feb 2005 16:49:58 +0000 (16:49 +0000)
committerJim Meyering <jim@meyering.net>
Mon, 7 Feb 2005 16:49:58 +0000 (16:49 +0000)
lib/vasnprintf.c patch | blob | blame | history

diff --git a/lib/vasnprintf.c b/lib/vasnprintf.c
index d49bc559e9919751cf6f080d7b852cc6c92175de..c4c16646704ba1764af7bec7c8d0c80d8b418879 100644 (file)
--- a/lib/vasnprintf.c
+++ b/lib/vasnprintf.c
@@ -1,5 +1,5 @@
 /* vsprintf with automatic memory allocation.
-   Copyright (C) 1999, 2002-2004 Free Software Foundation, Inc.
+   Copyright (C) 1999, 2002-2005 Free Software Foundation, Inc.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
@@ -294,9 +294,10 @@ VASNPRINTF (CHAR_T *resultbuf, size_t *lengthp, const CHAR_T *format, va_list ar
 
                          do
                            {
-                             if (SIZE_MAX / 10 <= width)
+                             size_t w_tmp = width * 10 + (*digitp++ - '0');
+                             if (SIZE_MAX / 10 <= width || w_tmp < width)
                                goto out_of_memory;
-                             width = width * 10 + (*digitp++ - '0');
+                             width = w_tmp;
                            }
                          while (digitp != dp->width_end);
                        }
Mirror of https://git.savannah.gnu.org/git/coreutils.git