Fixed infinite loop in SDL_vsnprintf() if the format string is too large for the output buffer

Fixes https://github.com/libsdl-org/SDL/issues/4940
Sam Lantinga 2021-11-10 09:48:49 -08:00
parent d5032582e0
commit dc4c7d9539
2 changed files with 8 additions and 1 deletions


@ -1887,8 +1887,9 @@ SDL_vsnprintf(SDL_OUT_Z_CAP(maxlen) char *text, size_t maxlen, const char *fmt,
} }
} else { } else {
if (length < maxlen) { if (length < maxlen) {
text[length] = *fmt++; text[length] = *fmt;
} }
++fmt;
++length; ++length;
} }
} }
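Review bot: The relocated `++fmt;` has no comment saying why it must sit outside the `if (length < maxlen)` guard, yet that placement is what lets the loop terminate once the buffer is full. I would add `/* Always consume the format character, even when the output is full: the loop must terminate and length must keep counting the untruncated size. */` above it. The other branches of this loop (the conversion-specifier handling) lie outside the hunk, so it is worth confirming they also advance `fmt` unconditionally once `length >= maxlen`. Because `length` keeps growing past `maxlen` (the new test expects a return of 4 for a 2-byte buffer), callers need to compare the return value with their buffer size before using it as an offset or length. SDL_vsnprintf's body starts and ends outside the hunk.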


@ -64,6 +64,12 @@ stdlib_snprintf(void *arg)
SDLTest_AssertPass("Call to SDL_snprintf(NULL, 0, \"%%s\", \"foo\")"); SDLTest_AssertPass("Call to SDL_snprintf(NULL, 0, \"%%s\", \"foo\")");
SDLTest_AssertCheck(result == 3, "Check result value, expected: 3, got: %d", result); SDLTest_AssertCheck(result == 3, "Check result value, expected: 3, got: %d", result);
result = SDL_snprintf(text, 2, "%s\n", "foo");
expected = "f";
SDLTest_AssertPass("Call to SDL_snprintf(\"%%s\\n\", \"foo\") with buffer size 2");
SDLTest_AssertCheck(SDL_strcmp(text, expected) == 0, "Check text, expected: %s, got: %s", expected, text);
SDLTest_AssertCheck(result == 4, "Check result value, expected: 4, got: %d", result);
result = SDL_snprintf(text, sizeof(text), "%f", 0.0); result = SDL_snprintf(text, sizeof(text), "%f", 0.0);
predicted = SDL_snprintf(NULL, 0, "%f", 0.0); predicted = SDL_snprintf(NULL, 0, "%f", 0.0);
expected = "0.000000"; expected = "0.000000";