Skip to content

Commit

Permalink
Fix a buffer overrun on Linux/PPC64.
Browse files Browse the repository at this point in the history 
The buffer in realToMangleBuffer() is too small for longdouble values.
It produces strings like 0X1.599999999999999999999999998P+1 or
0X1.999999999999999999999999998P-4 which have a length of 34. This
results in an ICE e.g. in the unit test of std.range.
  • Loading branch information
@redstar
redstar committed Mar 24, 2013
1 parent 618d827 commit f0f6fa0
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/expression.c
View file
Expand Up @@ -2669,7 +2669,7 @@ void realToMangleBuffer(OutBuffer *buf, real_t value)
buf->writestring("NAN"); // no -NAN bugs
else
{
char buffer[32];
char buffer[36];
int n = ld_sprint(buffer, 'A', value);
assert(n > 0 && n < sizeof(buffer));
for (int i = 0; i < n; i++)
Expand Down

0 comments on commit f0f6fa0

Please sign in to comment.