num2str: ensure we never access postfix[] out-of-bounds
Signed-off-by: Jens Axboe <axboe@fb.com>
diff --git a/lib/num2str.c b/lib/num2str.c
index 12d6f39..8961868 100644
--- a/lib/num2str.c
+++ b/lib/num2str.c
@@ -4,6 +4,8 @@
#include "../fio.h"
+#define ARRAY_LENGTH(arr) sizeof(arr) / sizeof((arr)[0])
+
/*
* Cheesy number->string conversion, complete with carry rounding error.
*/
@@ -46,6 +48,9 @@
if (modulo == -1U) {
done:
+ if (post_index >= ARRAY_LENGTH(postfix))
+ post_index = 0;
+
sprintf(buf, "%lu%s%s", num, postfix[post_index],
byte_postfix[byte_post_index]);
return buf;