* src/numfmt.c (double_to_human): The printf format is built up in a stack buffer which is big enough to hold any of the possible formats. However the size parameter passed to snprintf was too big by 1 when GROUP was true. So decrease the buffer available to snprintf to avoid this theoretical in practise but valid coverity warning.
---
 src/numfmt.c | 2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/numfmt.c b/src/numfmt.c
index e8f53fc..6091bb6 100644
--- a/src/numfmt.c
+++ b/src/numfmt.c
@@ -703,7 +703,7 @@ double_to_human (long double val, int precision,
 *pfmt++ = '\'';
 if (zero_padding_width)
- pfmt += snprintf (pfmt, sizeof (fmt) - 1, "0%ld", zero_padding_width);
+ pfmt += snprintf (pfmt, sizeof (fmt) - 2, "0%ld", zero_padding_width);
 devmsg ("double_to_human:\n");
-- 1.7.7.6
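Review bot: The bound on the new `snprintf` line is still a hand-counted constant (`sizeof (fmt) - 2`) rather than the space actually left after `pfmt`, so it silently goes stale if another flag character is ever written before this point. Assuming `pfmt` always points into `fmt`, deriving it would be safer: `size_t left = sizeof (fmt) - (pfmt - fmt);` then `int n = snprintf (pfmt, left, "0%ld", zero_padding_width);`. The return value is also added to `pfmt` unchecked. On truncation `snprintf` returns the length it would have written, and on error a negative value, so `pfmt` can end up outside the buffer. It should be advanced only when `n >= 0 && (size_t) n < left`. The body of `double_to_human` continues outside this hunk, so whatever is appended to `fmt` afterwards is not visible here; the bound should also leave room for that suffix.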