Skip to content

Commit

Permalink
Fix out-of-bound access
Browse files Browse the repository at this point in the history
Get rid of out-of-bound access when single % at the end.
  • Loading branch information
nobu committed Mar 13, 2017
1 parent 191ee25 commit d8c4fe7
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 0 deletions.
1 change: 1 addition & 0 deletions mrbgems/mruby-sprintf/src/sprintf.c
Original file line number Diff line number Diff line change
Expand Up @@ -567,6 +567,7 @@ mrb_str_format(mrb_state *mrb, int argc, const mrb_value *argv, mrb_value fmt)
mrb_sym id = 0;

for (t = p; t < end && *t != '%'; t++) ;
if (t + 1 == end) ++t;
PUSH(p, t - p);
if (t >= end)
goto sprint_exit; /* end of fmt string */
Expand Down
11 changes: 11 additions & 0 deletions mrbgems/mruby-sprintf/test/sprintf.rb
Original file line number Diff line number Diff line change
Expand Up @@ -30,3 +30,14 @@ class Fixnum
end
end
end

assert("String#% invalid format") do
assert_raise ArgumentError do
"%?" % ""
end
end

assert("String#% invalid format shared substring") do
fmt = ("x"*30+"%!")[0...-1]
assert_equal fmt, sprintf(fmt, "")
end

0 comments on commit d8c4fe7

Please sign in to comment.