PennMUSH 1.8.3p11

Author: captdeaf@gmail.com
<captdeaf@gmail.com@ba372814-4f39-11de-9ad6-1127a62b9fcd>
Date:   Tue Dec 22 21:41:11 2009 +0000

    Fixed a crashbug in unparse_number reported by Ghost@M*U*S*H.
Fixes #154

diff --git a/src/unparse.c b/src/unparse.c
index 00ba9c23eb0753bf8f5b7042aa5aa9fea5898c96..07c9280df8fb047303bc38c774078f9d89646019 100644 (file)
--- a/src/unparse.c
+++ b/src/unparse.c
@@ -286,7 +286,6 @@ unparse_uinteger(uintmax_t num)
   return str;
 }
 
-
 /** Give a string representation of a number.
  * \param num value to stringify
  * \return address of static buffer containing stringified value.
@@ -294,9 +293,10 @@ unparse_uinteger(uintmax_t num)
 char *
 unparse_number(NVAL num)
 {
-  static char str[100];         /* Should be large enough for even the HUGE floats */
+  /* 100 is NOT large enough for even the huge floats */
+  static char str[1000];  /* Should be large enough for even the HUGE floats */
   char *p;
-  sprintf(str, "%.*f", FLOAT_PRECISION, num);
+  snprintf(str, 1000, "%.*f", FLOAT_PRECISION, num);
 
   if ((p = strchr(str, '.'))) {
     p += strlen(p);