svn commit: trunk/busybox/libbb

[landley at busybox.net]

Author: landley
Date: 2006-07-10 17:44:36 -0700 (Mon, 10 Jul 2006)
New Revision: 15683

Log:
Denis Vlasenko spotted the lack of bounds checking in my first attempt at
itoa/utoa.


Modified:
   trunk/busybox/libbb/xfuncs.c


Changeset:
Modified: trunk/busybox/libbb/xfuncs.c
===================================================================
--- trunk/busybox/libbb/xfuncs.c	2006-07-10 22:28:09 UTC (rev 15682)
+++ trunk/busybox/libbb/xfuncs.c	2006-07-11 00:44:36 UTC (rev 15683)
@@ -237,19 +237,21 @@
 // http://www.unix.org/whitepapers/64bit.html
 static char local_buf[12];
 
-void utoa_to_buf(unsigned n, char *buf, int buflen)
+void utoa_to_buf(unsigned n, char *buf, unsigned buflen)
 {
 	int i, out = 0;
-	for (i=1000000000; i; i/=10) {
-		int res = n/i;
+	if (buflen) {
+		for (i=1000000000; i; i/=10) {
+			int res = n/i;
 
-		if (res || out || i == 1) {
-			out++;
-			n -= res*i;
-			*buf++ = '0' + res;
+			if ((res || out || i == 1) && --buflen>0) {
+				out++;
+				n -= res*i;
+				*buf++ = '0' + res;
+			}
 		}
+		*buf = 0;
 	}
-	*buf = 0;
 }
 
 // Note: uses static buffer, calling it twice in a row will overwrite.
@@ -261,11 +263,12 @@
 	return local_buf;
 }
 
-void itoa_to_buf(int n, char *buf, int buflen)
+void itoa_to_buf(int n, char *buf, unsigned buflen)
 {
-	if (n<0) {
+	if (buflen && n<0) {
 		n = -n;
 		*buf++ = '-';
+		buflen--;
 	}
 	utoa_to_buf((unsigned)n, buf, buflen);
 }