提交 1b62d880 编写于 作者: M Matt Caswell

Prevent an overflow when trying to print excessively big floats

We convert the integer part of the float to a long. We should check it
fits first.

Issue reported by Guido Vranken.

GitHub Issue #1102
Reviewed-by: NRichard Levitte <levitte@openssl.org>
上级 d6056f08
......@@ -561,9 +561,9 @@ fmtfp(char **sbuffer,
int padlen = 0;
int zpadlen = 0;
long exp = 0;
long intpart;
long fracpart;
long max10;
unsigned long intpart;
unsigned long fracpart;
unsigned long max10;
int realstyle;
if (max < 0)
......@@ -638,7 +638,11 @@ fmtfp(char **sbuffer,
fvalue = tmpvalue;
}
ufvalue = abs_val(fvalue);
intpart = (long)ufvalue;
if (ufvalue > ULONG_MAX) {
/* Number too big */
return 0;
}
intpart = (unsigned long)ufvalue;
/*
* sorry, we only support 9 digits past the decimal because of our
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册