From 1f43445813fbcdb7405102ceda0529857ed20993 Mon Sep 17 00:00:00 2001
From: Laurence Withers
Date: Fri, 4 Jan 2008 22:47:10 +0000
Subject: [PATCH] Fix bug where iso8601_print() could overrun...
If a date with a timezone offset of 0 had a length exactly matching the buffer size, we would write past the end of the buffer.
---
 README | 6 ++++++
 src/libiso8601/200_print.c | 8 ++------
 2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/README b/README
index 947ffbe..1e4734f 100644
--- a/README
+++ b/README
@@ -14,4 +14,10 @@ You might want to edit 'config' first. You might also want to set 'INSTALL_PREFIX', which is prepended onto the destination of any installed file.
+Thanks
+------
+
+Robert Dunlop,
+ * found null terminating bug with iso8601_print()
+
 @TODO@
diff --git a/src/libiso8601/200_print.c b/src/libiso8601/200_print.c
index 69786a1..9998e2e 100644
--- a/src/libiso8601/200_print.c
+++ b/src/libiso8601/200_print.c
@@ -130,15 +130,11 @@ char* iso8601_print(char* str, int amt, const struct iso8601_date* date,
 break;
 }
- if(ret < 1 || ret >= amt) return str_orig;
+ if(ret < 1 || (ret + 1) >= amt) return str_orig;
 str += ret;
 amt -= ret;
 if(details->tz_sec) {
- if(!--amt) {
- *str = 0;
- return str_orig;
- }
 if(details->tz_sec < 0) {
 *str++ = '-';
 ret = -details->tz_sec;
@@ -146,6 +142,7 @@ char* iso8601_print(char* str, int amt, const struct iso8601_date* date,
 *str++ = '+';
 ret = details->tz_sec;
 }
+ --amt;
 y = ret / 3600;
 ret -= y * 3600;
@@ -158,7 +155,6 @@ char* iso8601_print(char* str, int amt, const struct iso8601_date* date,
 else snprintf(str, amt, "%02d", y);
 } else {
 *str++ = 'Z';
- if(amt > 1) *str = 0;
 }
 return str_orig;
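Review bot: The new guard `(ret + 1) >= amt` in the `@@ -130,15 +130,11 @@` hunk is now the only check keeping the unconditional sign and `'Z'` writes below inside the buffer, yet nothing on the line says so. I would add a comment above it such as `/* need room for one more character ('Z' or the sign) plus the terminating NUL */` so that a later edit does not relax the check. The body of iso8601_print() starts and ends outside this hunk, so whether `amt` is verified to be positive before the first formatting call cannot be confirmed from here.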
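Review bot: After `--amt` in the `@@ -146,6 +142,7 @@` hunk the space left for the offset digits can be as small as one byte, because the guard in the first hunk reserves only two bytes past the date. The formatting call visible in the next hunk, `snprintf(str, amt, "%02d", y)`, discards its return value, so a short buffer yields a terminated but cut-off offset and the function still returns `str_orig` as if it had succeeded. Consider capturing the result, e.g. `ret = snprintf(str, amt, "%02d", y);`, and handling `ret >= amt` in whatever way this function reports failure. The other formatting calls in this branch lie outside the hunk and presumably need the same check.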
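Review bot: The UTC branch in the `@@ -158,7 +155,6 @@` hunk now stores `'Z'` and falls through to `return str_orig;` without writing a terminator, since the removed line `if(amt > 1) *str = 0;` was the only visible place that did so. Because `str` was advanced by `ret`, the `'Z'` presumably lands on the NUL left by the earlier formatting call, so unless the buffer is zeroed outside this hunk the caller gets an unterminated string and later reads run past it. The guard added in the first hunk already guarantees a spare byte, so the write can be unconditional: keep `*str++ = 'Z';` and follow it with `*str = 0;`. The function body continues outside the hunk.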