File 0259-Fix-size-of-fmt_double-s-format_str-buffer.patch of Package erlang
From cac015e654dbb3ab538cb26486115c4c9b4fc210 Mon Sep 17 00:00:00 2001
From: Mikael Pettersson <mikpelinux@gmail.com>
Date: Mon, 5 Feb 2018 21:41:07 +0100
Subject: [PATCH] Fix size of fmt_double()'s format_str[] buffer
fmt_double() may write up to 8 characters into its format_str[]
buffer, which however only has room for 7 characters.
This case could be triggered by a call to erts_printf_format() with
any floating-point format that also includes #, and + or a space,
which may be uncommon, but a nif or driver could issue it.
---
erts/lib_src/common/erl_printf_format.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/erts/lib_src/common/erl_printf_format.c b/erts/lib_src/common/erl_printf_format.c
index 3302083288..5a680d6f9d 100644
--- a/erts/lib_src/common/erl_printf_format.c
+++ b/erts/lib_src/common/erl_printf_format.c
@@ -326,7 +326,7 @@ static int fmt_double(fmtfn_t fn,void*arg,double val,
{
int res;
int fi = 0;
- char format_str[7];
+ char format_str[8];
char sbuf[32];
char *bufp = sbuf;
double dexp;
--
2.16.1