diff options
author | Rich Felker <dalias@aerifal.cx> | 2014-04-07 01:36:40 -0400 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2014-04-07 01:36:40 -0400 |
commit | 109048e031f39fbb370211fde44ababf6c04c8fb (patch) | |
tree | 7974ab603f1c7e6aa3bc081202ac530b7fa5ad82 /src/linux/quotactl.c | |
parent | 7e8b0761e57266f40b8d51105b84c50e504e89c5 (diff) | |
download | musl-109048e031f39fbb370211fde44ababf6c04c8fb.tar.gz musl-109048e031f39fbb370211fde44ababf6c04c8fb.tar.bz2 musl-109048e031f39fbb370211fde44ababf6c04c8fb.tar.xz musl-109048e031f39fbb370211fde44ababf6c04c8fb.zip |
fix carry into uninitialized slots during printf floating point rounding
in cases where rounding caused a carry, the slot into which the carry
was taking place was unconditionally treated as valid, despite the
possibility that it could be a new slot prior to the beginning of the
existing non-rounded number. in theory this could lead to unbounded
runaway carry, but in order for that to happen, the whole
uninitialized buffer would need to have been pre-filled with 32-bit
integer values greater than or equal to 999999999.
patch based on proposed fix by Morten Welinder, who also discovered
and reported the bug.
Diffstat (limited to 'src/linux/quotactl.c')
0 files changed, 0 insertions, 0 deletions