Don't access a C string past precision in printf (#1595)

fmtlib · Apr 22, 2020 · 0ca0d03 · 0ca0d03
1 parent 7d748a6
commit 0ca0d03
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 0 deletions.
diff --git a/include/fmt/printf.h b/include/fmt/printf.h
@@ -141,6 +141,13 @@ template <typename Context> class char_converter {
   void operator()(T) {}  // No conversion needed for non-integral types.
 };
 
+// An argument visitor that return a pointer to a C string if argument is a
+// string or null otherwise.
+template <typename Char> struct get_cstring {
+  template <typename T> const Char* operator()(T value) { return nullptr; }
+  const Char* operator()(const Char* s) { return s; }
+};
+
 // Checks if an argument is a valid printf width specifier and sets
 // left alignment if it is negative.
 template <typename Char> class printf_width_handler {
@@ -561,6 +568,14 @@ OutputIt basic_printf_context<OutputIt, Char>::format() {
         break;
       }
     }
+    if (specs.precision >= 0 &&
+        arg.type() == fmt::internal::type::cstring_type) {
+      auto str = visit_format_arg(internal::get_cstring<Char>(), arg);
+      auto end = str + specs.precision;
+      auto nul = std::find(str, end, Char());
+      arg = internal::make_arg<basic_printf_context>(basic_string_view<Char>(
+          str, nul != end ? nul - str : specs.precision));
+    }
 
     start = it;
 

diff --git a/test/printf-test.cc b/test/printf-test.cc
@@ -259,6 +259,11 @@ TEST(PrintfTest, FloatPrecision) {
   EXPECT_PRINTF(buffer, "%.3a", 1234.5678);
 }
 
+TEST(PrintfTest, StringPrecision) {
+  char test[] = {'H', 'e', 'l', 'l', 'o'};
+  EXPECT_EQ(fmt::sprintf("%.4s", test), "Hell");
+}
+
 TEST(PrintfTest, IgnorePrecisionForNonNumericArg) {
   EXPECT_PRINTF("abc", "%.5s", "abc");
 }