This is a live mirror of the Perl 5 development currently hosted at https://github.com/perl/perl5
Perl_sv_vcatpvfn_flags: avoid a potential wrap
In the floating-point hex (%a) code, it checks whether the requested
precision is smaller than the hex buf size. It does this by casting
(precis + 1) to signed. Since precis can be any user-supplied value,
this can wrap. Instead, cast the (buffer_length - 1) to unsigned, since
this is bounded to a small constant value > 1.
In practice this makes no difference currently, as a large precis will
have caused a malloc panic earlier anyway. But that might change in
future.
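The two forms of the bounds check described in the commit message, as an added C example that is not Perl's own code. The names `HEXBUF_LEN`, `fits_signed_cast` and `fits_unsigned_cast` are hypothetical, and the buffer length is an assumed small constant.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for the small, constant-bounded hex buffer length. */
#define HEXBUF_LEN 32

/* 'Before' pattern: the user-controlled value is incremented and cast to
 * signed. precis + 1 wraps to 0 when precis == SIZE_MAX, and any value above
 * PTRDIFF_MAX converts to an implementation-defined (typically negative)
 * result, so a huge precision can appear to fit. */
static int fits_signed_cast(size_t precis, ptrdiff_t buf_len)
{
    return (ptrdiff_t)(precis + 1) < buf_len;
}

/* 'After' pattern: the bounded value is moved to the unsigned side instead.
 * buf_len - 1 is a small positive constant, so its cast cannot wrap, and
 * precis is compared at full unsigned range with no arithmetic applied. */
static int fits_unsigned_cast(size_t precis, ptrdiff_t buf_len)
{
    return precis < (size_t)(buf_len - 1);
}

int main(void)
{
    /* Constructed sample precisions, including values near SIZE_MAX. */
    const size_t samples[] = {
        0, 13, HEXBUF_LEN - 2, HEXBUF_LEN - 1, SIZE_MAX - 1, SIZE_MAX
    };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("precis=%zu signed-cast=%d unsigned-cast=%d\n",
               samples[i],
               fits_signed_cast(samples[i], HEXBUF_LEN),
               fits_unsigned_cast(samples[i], HEXBUF_LEN));
    return 0;
}
```

The two checks agree for every precision that is small enough to be meaningful and diverge only at the top of the `size_t` range, which is why the change has no visible effect while an earlier allocation failure still catches large values.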