From 98f6c00dad96d3150a9b969a0ee67addc78ac5f0 Mon Sep 17 00:00:00 2001
From: Jay Berkenbilt <ejb@ql.org>
Date: Wed, 21 Oct 2020 15:29:28 -0400
Subject: Protect numeric conversion against user's locale (fixes #459)

---
 libqpdf/BufferInputSource.cc | 1 +
 libqpdf/OffsetInputSource.cc | 1 +
 libqpdf/QPDF.cc              | 1 +
 libqpdf/QUtil.cc             | 3 +++
 4 files changed, 6 insertions(+)

(limited to 'libqpdf')

diff --git a/libqpdf/BufferInputSource.cc b/libqpdf/BufferInputSource.cc
index 9e141510..fb4010ef 100644
--- a/libqpdf/BufferInputSource.cc
+++ b/libqpdf/BufferInputSource.cc
@@ -108,6 +108,7 @@ BufferInputSource::range_check(qpdf_offset_t cur, qpdf_offset_t delta)
         ((std::numeric_limits<qpdf_offset_t>::max() - cur) < delta))
     {
         std::ostringstream msg;
+        msg.imbue(std::locale::classic());
         msg << "seeking forward from " << cur
             << " by " << delta
             << " would cause an overflow of the offset type";
diff --git a/libqpdf/OffsetInputSource.cc b/libqpdf/OffsetInputSource.cc
index b6dae255..88eca4e4 100644
--- a/libqpdf/OffsetInputSource.cc
+++ b/libqpdf/OffsetInputSource.cc
@@ -47,6 +47,7 @@ OffsetInputSource::seek(qpdf_offset_t offset, int whence)
         if (offset > this->max_safe_offset)
         {
             std::ostringstream msg;
+            msg.imbue(std::locale::classic());
             msg << "seeking to " << offset
                 << " offset by " << global_offset
                 << " would cause an overflow of the offset type";
diff --git a/libqpdf/QPDF.cc b/libqpdf/QPDF.cc
index 2ebf88b0..1cbef133 100644
--- a/libqpdf/QPDF.cc
+++ b/libqpdf/QPDF.cc
@@ -1220,6 +1220,7 @@ QPDF::processXRefStream(qpdf_offset_t xref_offset, QPDFObjectHandle& xref_obj)
             ((std::numeric_limits<int>::max() - obj) < chunk_count))
         {
             std::ostringstream msg;
+            msg.imbue(std::locale::classic());
             msg << "adding " << chunk_count << " to " << obj
                 << " while computing index in xref stream would cause"
                 << " an integer overflow";
diff --git a/libqpdf/QUtil.cc b/libqpdf/QUtil.cc
index 072a939c..366365f1 100644
--- a/libqpdf/QUtil.cc
+++ b/libqpdf/QUtil.cc
@@ -21,6 +21,7 @@
 #include <string.h>
 #include <fcntl.h>
 #include <memory>
+#include <locale>
 #ifndef QPDF_NO_WCHAR_T
 # include <cwchar>
 #endif
@@ -267,6 +268,7 @@ int_to_string_base_internal(T num, int base, int length)
             "int_to_string_base called with unsupported base");
     }
     std::ostringstream buf;
+    buf.imbue(std::locale::classic());
     buf << std::setbase(base) << std::nouppercase << num;
     std::string result;
     int str_length = QIntC::to_int(buf.str().length());
@@ -318,6 +320,7 @@ QUtil::double_to_string(double num, int decimal_places)
         decimal_places = 6;
     }
     std::ostringstream buf;
+    buf.imbue(std::locale::classic());
     buf << std::setprecision(decimal_places) << std::fixed << num;
     return buf.str();
 }
-- 
cgit v1.2.3-54-g00ecf