Merge branch 'fix/grm_is_number' into 'develop'

[GRM] Fix stack buffer overflow in the `is_number` util function See merge request Scientific-IT-Systems/gr!1314
kenhys · Jul 19, 2024 · e90b566 · e90b566
2 parents 516ad3f + c3cc283
commit e90b566
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/lib/grm/src/grm/dom_render/render.cxx b/lib/grm/src/grm/dom_render/render.cxx
@@ -12512,7 +12512,7 @@ static void tickLabelAdjustment(const std::shared_ptr<GRM::Element> &tick_group,
           char text_c[256];
           format_reference_t reference = {1, 1};
           int sc_format = 2;
-          const char minus[3] = {(char)0xe2, (char)0x88, (char)0x92}; // gr minus sign
+          const char minus[] = {(char)0xe2, (char)0x88, (char)0x92, '\0'}; // gr minus sign
           auto em_dash = std::string(minus);
           size_t start_pos = 0;
 
@@ -12528,7 +12528,7 @@ static void tickLabelAdjustment(const std::shared_ptr<GRM::Element> &tick_group,
 
           snprintf(text_c, 256, "%s", without_minus.c_str());
           text = gr_ftoa(text_c, atof(without_minus.c_str()), &reference);
-          text = em_dash + text;
+          if (start_pos != 0) text = em_dash + text;
           scientific_format = sc_format;
         }
     }

diff --git a/lib/grm/src/grm/utilcpp.cxx b/lib/grm/src/grm/utilcpp.cxx
@@ -98,7 +98,7 @@ std::complex<double> moivre(double r, int x, int n)
 
 bool is_number(std::string_view str)
 {
-  const char minus[3] = {(char)0xe2, (char)0x88, (char)0x92}; // gr minus sign
+  const char minus[] = {(char)0xe2, (char)0x88, (char)0x92, '\0'}; // gr minus sign
   auto em_dash = std::string(minus);
   size_t start_pos = 0;
   if (starts_with(str, em_dash))