1 /* Test printf with grouping and padding (bug 30068)
2 Copyright (C) 2023-2024 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <https://www.gnu.org/licenses/>. */
19 #include <locale.h>
20 #include <stdio.h>
21 #include <support/check.h>
22 #include <support/support.h>
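/* Regression test for bug 30068: when the ' (grouping) flag is used,
   the locale's thousands separators must be counted as part of the
   field width, so the formatted result is exactly as wide as requested.
   Returns 0; a mismatch is reported through TEST_COMPARE_STRING.  */
static int
do_test (void)
{
  /* Deliberately much larger than both the correct 13-byte result and
     the 15-byte result described for the bug (plus the terminating
     null byte), so a regression shows up as a failed string comparison
     and not as a write past the end of this array.  */
  char buf[80];

  /* The expected string below depends on the de_DE thousands
     separator.  */
  xsetlocale (LC_NUMERIC, "de_DE.UTF-8");

  /* The format string has the following conversion specifier:
     '  - Use thousands grouping.
     +  - The result of a signed conversion shall begin with a sign.
     -  - Left justified.
     13 - Minimum 13 bytes of width.
     9  - Minimum 9 digits of precision.

     In bug 30068 the grouping characters were not accounted for in
     the width, and were added after the fact resulting in a 15-byte
     output instead of a 13-byte output.  The two additional bytes
     come from the locale-specific thousands separator.  This increase
     in size could result in a buffer overflow if a reasonable caller
     calculated the size of the expected buffer using nl_langinfo to
     determine the size of THOUSEP in bytes.

     This bug is distinct from bug 23432 which has to do with the
     minimum precision calculation (digit based).  */
  sprintf (buf, "%+-'13.9d", 1234567);
  /* Sign, nine digits and two separators are 12 bytes; left
     justification pads with one trailing space to reach 13.  */
  TEST_COMPARE_STRING (buf, "+001.234.567 ");

  return 0;
}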
54 #include <support/test-driver.c>