* mdocml: Prevent unsigned integer underflow when a number is too wide for
@ 2014-12-24 15:39 schwarze
0 siblings, 0 replies; only message in thread
From: schwarze @ 2014-12-24 15:39 UTC (permalink / raw)
To: source
Log Message:
-----------
Prevent unsigned integer underflow when a number is too wide
for a table cell with an "nz" layout specification,
causing essentially infinite output as found by jsg@ with afl.
Modified Files:
--------------
mdocml:
tbl_term.c
Revision Data
-------------
Index: tbl_term.c
===================================================================
RCS file: /home/cvs/mdocml/mdocml/tbl_term.c,v
retrieving revision 1.31
retrieving revision 1.32
diff -Ltbl_term.c -Ltbl_term.c -u -p -r1.31 -r1.32
--- tbl_term.c
+++ tbl_term.c
@@ -417,9 +417,13 @@ tbl_number(struct termp *tp, const struc
} else
d = sz + psz;
- padl = col->decimal - d;
-
- tbl_char(tp, ASCII_NBRSP, padl);
+ if (col->decimal > d && col->width > sz) {
+ padl = col->decimal - d;
+ if (padl + sz > col->width)
+ padl = col->width - sz;
+ tbl_char(tp, ASCII_NBRSP, padl);
+ } else
+ padl = 0;
tbl_word(tp, dp);
if (col->width > sz + padl)
tbl_char(tp, ASCII_NBRSP, col->width - sz - padl);
--
To unsubscribe send an email to source+unsubscribe@mdocml.bsd.lv
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2014-12-24 15:39 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-12-24 15:39 mdocml: Prevent unsigned integer underflow when a number is too wide for schwarze
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).