From 71684d1e87f773d755ee2ce089f353296ebef998 Mon Sep 17 00:00:00 2001
From: Brad Anderson
Date: Thu, 14 Jun 2012 22:53:41 -0600
Subject: [PATCH] ComplexExp::toChars fills wrong buffers on non-GDC

Resulted in uninitialized buffers being used in the subsequent sprintf (potential buffer overflow).
---
 src/expression.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/expression.c b/src/expression.c
index aa7f0b3747ab..cba0b4f072d4 100644
--- a/src/expression.c
+++ b/src/expression.c
@@ -2528,8 +2528,8 @@ char *ComplexExp::toChars()
 creall(value).format(buf1, sizeof(buf1));
 cimagl(value).format(buf2, sizeof(buf2));
 #else
- ld_sprint(buffer, 'g', creall(value));
- ld_sprint(buffer, 'g', cimagl(value));
+ ld_sprint(buf1, 'g', creall(value));
+ ld_sprint(buf2, 'g', cimagl(value));
 #endif
 sprintf(buffer, "(%s+%si)", buf1, buf2);
 assert(strlen(buffer) < sizeof(buffer));
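Review bot: The `assert(strlen(buffer) < sizeof(buffer));` at the end of the hunk checks the length only after `sprintf` has already written, and it is compiled out when NDEBUG is defined, so it cannot stop an overflow of `buffer`. Bounding the write itself would be stronger, for example `snprintf(buffer, sizeof(buffer), "(%s+%si)", buf1, buf2);` where the toolchain provides it. In the `#else` branch the corrected `ld_sprint(buf1, 'g', ...)` and `ld_sprint(buf2, 'g', ...)` calls also pass no size, unlike the `.format(buf1, sizeof(buf1))` calls in the other branch. Whether they can overrun depends on ld_sprint and on the buffer declarations, both outside this hunk, so a comment such as `// ld_sprint emits at most N chars; buf1/buf2 must hold N+1` (with the real bound) would document the assumption. toChars begins before the hunk and continues past it.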