From: Greg King Date: Thu, 9 Jul 2015 18:46:28 +0000 (-0400) Subject: Made some string output functions reject an invalid NULL buffer pointer. X-Git-Tag: V2.16~247^2~3 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=146daa1d0a43883bfa22ddfbb571b3d649c6465e;p=cc65 Made some string output functions reject an invalid NULL buffer pointer. --- diff --git a/libsrc/common/vsnprintf.s b/libsrc/common/vsnprintf.s index 94ad072ca..01bcd6406 100644 --- a/libsrc/common/vsnprintf.s +++ b/libsrc/common/vsnprintf.s @@ -86,9 +86,16 @@ L1: dex sta bufptr+0 stx bufptr+1 +; There must be a buffer if its size is non-zero. + + bit bufsize+1 + bmi L5 + ora bufptr+1 + bze L0 ; The pointer shouldn't be NULL + ; Restore ap and call _printf - pla +L5: pla tax pla jsr __printf @@ -125,6 +132,11 @@ L4: lda ccount+0 ; Bail out if size is too high. L9: lda #ERANGE + .byte $2C ;(bit $xxxx) + +; NULL buffer pointers usually are invalid. + +L0: lda #EINVAL jsr __directerrno ; Return -1 jmp incsp6 ; Drop parameters