From d8c4fe7bcb07b4268184b526652311f28f0ce3a5 Mon Sep 17 00:00:00 2001
From: Nobuyoshi Nakada <nobu@ruby-lang.org>
Date: Mon, 13 Mar 2017 23:49:49 +0900
Subject: Fix out-of-bound access

Get rid of out-of-bound access when single % at the end.
---
 mrbgems/mruby-sprintf/src/sprintf.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'mrbgems/mruby-sprintf/src')

diff --git a/mrbgems/mruby-sprintf/src/sprintf.c b/mrbgems/mruby-sprintf/src/sprintf.c
index cc00198d0..09a26f827 100644
--- a/mrbgems/mruby-sprintf/src/sprintf.c
+++ b/mrbgems/mruby-sprintf/src/sprintf.c
@@ -567,6 +567,7 @@ mrb_str_format(mrb_state *mrb, int argc, const mrb_value *argv, mrb_value fmt)
     mrb_sym id = 0;
 
     for (t = p; t < end && *t != '%'; t++) ;
+    if (t + 1 == end) ++t;
     PUSH(p, t - p);
     if (t >= end)
       goto sprint_exit; /* end of fmt string */
-- 
cgit v1.2.3