aboutsummaryrefslogtreecommitdiff
path: root/lib/libc
diff options
context:
space:
mode:
authorJose Luis Duran <jlduran@gmail.com>2022-10-13 15:51:27 +0000
committerKonstantin Belousov <kib@FreeBSD.org>2022-11-01 00:44:41 +0000
commitda5b1c42c5aa6f2b4fe717ba50bf4780945fa8ca (patch)
tree0dc8c7409433567e458408ed4bc3ffe4c7a108d5 /lib/libc
parent96ef02d4a3ed6bc6a49c49b31c2cf8914f5b48a8 (diff)
strfmon: Avoid an out-of-bounds access
(cherry picked from commit 9e03b903e377c75a60cbbb89ed78955769a1c804)
Diffstat (limited to 'lib/libc')
-rw-r--r--lib/libc/stdlib/strfmon.c5
-rw-r--r--lib/libc/tests/stdlib/strfmon_test.c2
2 files changed, 4 insertions, 3 deletions
diff --git a/lib/libc/stdlib/strfmon.c b/lib/libc/stdlib/strfmon.c
index db51325bff9e..0f327585f5a2 100644
--- a/lib/libc/stdlib/strfmon.c
+++ b/lib/libc/stdlib/strfmon.c
@@ -239,8 +239,9 @@ vstrfmon_l(char * __restrict s, size_t maxsize, locale_t loc,
free(currency_symbol);
if (flags & USE_INTL_CURRENCY) {
currency_symbol = strdup(lc->int_curr_symbol);
- if (currency_symbol != NULL)
- space_char = *(currency_symbol+3);
+ if (currency_symbol != NULL &&
+ strlen(currency_symbol) > 3)
+ space_char = currency_symbol[3];
} else
currency_symbol = strdup(lc->currency_symbol);
diff --git a/lib/libc/tests/stdlib/strfmon_test.c b/lib/libc/tests/stdlib/strfmon_test.c
index 3e77a4f5290f..dc328e974bb8 100644
--- a/lib/libc/tests/stdlib/strfmon_test.c
+++ b/lib/libc/tests/stdlib/strfmon_test.c
@@ -197,7 +197,7 @@ ATF_TC_BODY(strfmon_international_currency_code, tc)
} tests[] = {
{ "en_US.UTF-8", "[USD 123.45]" }, /* XXX */
{ "de_DE.UTF-8", "[123,45 EUR ]" }, /* XXX */
- { "C", "[123.45]" }, /* XXX OOB access */
+ { "C", "[123.45]" },
};
size_t i;
char actual[100];
generated by cgit v1.2.3 (git 2.25.1) at 2025-03-10 20:56:07 +0000