diff options
author | Rich Felker <dalias@aerifal.cx> | 2023-11-21 16:33:15 -0500 |
---|---|---|
committer | Rich Felker <dalias@aerifal.cx> | 2023-11-21 16:33:15 -0500 |
commit | f47a5d400b8ffa26cfc5b345dbff52fec94ac7f3 (patch) | |
tree | 0abf081fdc2cff27c4e32a77dad1985c937ec7f6 /src/time | |
parent | f314e133929b6379eccc632bef32eaebb66a7335 (diff) | |
download | musl-f47a5d400b8ffa26cfc5b345dbff52fec94ac7f3.tar.gz musl-f47a5d400b8ffa26cfc5b345dbff52fec94ac7f3.tar.xz musl-f47a5d400b8ffa26cfc5b345dbff52fec94ac7f3.zip |
strftime: don't attempt to parse field width without seeing a digit
strtoul will consume leading whitespace or sign characters, which are not valid in this context, thereby accepting invalid field specifiers. so, avoid calling it unless there is a number to parse as the width.
Diffstat (limited to 'src/time')
-rw-r--r-- | src/time/strftime.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/time/strftime.c b/src/time/strftime.c index cc53d536..ef590903 100644 --- a/src/time/strftime.c +++ b/src/time/strftime.c @@ -3,6 +3,7 @@ #include <string.h> #include <langinfo.h> #include <locale.h> +#include <ctype.h> #include <time.h> #include <limits.h> #include "locale_impl.h" @@ -233,7 +234,7 @@ size_t __strftime_l(char *restrict s, size_t n, const char *restrict f, const st pad = 0; if (*f == '-' || *f == '_' || *f == '0') pad = *f++; if ((plus = (*f == '+'))) f++; - width = strtoul(f, &p, 10); + width = isdigit(*f) ? strtoul(f, &p, 10) : 0; if (*p == 'C' || *p == 'F' || *p == 'G' || *p == 'Y') { if (!width && p!=f) width = 1; } else { |