romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-30 06:47:28 +03:00
Code Issues Projects Releases Packages Wiki Activity

mprintf: reject two kinds of precision for the same argument

Browse source 
An input like "%.*1$.9999d" would first use the precision taken as an
argument *and* then the precision specified in the string, which is
confusing and wrong. pass1 will now instead return error on this double
use.

Adjusted unit test 1398 to verify

Reported-by: Peter Goodman

Closes #9754
This commit is contained in:
Daniel Stenberg 2022-10-17 17:56:26 +02:00
parent f6b9971d73
commit dae84805de
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
2 changed files with 9 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
lib/mprintf.c
View file

@ -318,6 +318,11 @@ static int dprintf_Pass1(const char *format, struct va_stack *vto,
flags |= FLAGS_PREC;
precision = strtol(fmt, &fmt, 10);
}
if((flags & (FLAGS_PREC | FLAGS_PRECPARAM)) ==
(FLAGS_PREC | FLAGS_PRECPARAM))
/* it is not permitted to use both kinds of precision for the same
argument */
return 1;
break;
case 'h':
flags |= FLAGS_SHORT;