projects / musl / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
don't crash on null strings in printf
[musl] / src / stdio / vfprintf.c
diff --git a/src/stdio/vfprintf.c b/src/stdio/vfprintf.c
index f19058d..b5001ff 100644 (file)
--- a/src/stdio/vfprintf.c
+++ b/src/stdio/vfprintf.c
@@ -326,9 +326,10 @@ static int fmt_fp(FILE *f, long double y, int w, int p, int fl, int t)
                if (x || d+1!=z) {
                        long double round = CONCAT(0x1p,LDBL_MANT_DIG);
                        long double small;
-                       if (x<i/2) small=0x01p-1;
-                       else if (i==i/2 && d+1==z) small=0x10p-1;
-                       else small=0x11p-1;
+                       if (*d/i & 1) round += 2;
+                       if (x<i/2) small=0x0.8p0;
+                       else if (x==i/2 && d+1==z) small=0x1.0p0;
+                       else small=0x1.8p0;
                        if (pl && *prefix=='-') round*=-1, small*=-1;
                        *d -= x;
                        /* Decide whether to round by probing round+small */
@@ -551,7 +552,7 @@ static int printf_core(FILE *f, const char *fmt, va_list *ap, union arg *nl_arg,
                        fl |= ALT_FORM;
                case 'x': case 'X':
                        a = fmt_x(arg.i, z, t&32);
-                       if (fl & ALT_FORM) prefix+=(t>>4), pl=2;
+                       if (arg.i && (fl & ALT_FORM)) prefix+=(t>>4), pl=2;
                        if (0) {
                case 'o':
                        a = fmt_o(arg.i, z);
@@ -569,8 +570,11 @@ static int printf_core(FILE *f, const char *fmt, va_list *ap, union arg *nl_arg,
                case 'u':
                        a = fmt_u(arg.i, z);
                        }
-                       if (!arg.i && !p) continue;
                        if (p>=0) fl &= ~ZERO_PAD;
+                       if (!arg.i && !p) {
+                               a=z;
+                               break;
+                       }
                        p = MAX(p, z-a + !arg.i);
                        break;
                case 'c':
@@ -580,7 +584,7 @@ static int printf_core(FILE *f, const char *fmt, va_list *ap, union arg *nl_arg,
                case 'm':
                        if (1) a = strerror(errno); else
                case 's':
-                       a = arg.p;
+                       a = arg.p ? arg.p : "(null)";
                        z = memchr(a, 0, p);
                        if (!z) z=a+p;
                        else p=z-a;
musl