tfussell / xlnt

Cross-platform user-friendly xlsx library for C++11+

number_serialiser::deserialise returns wrong result due to buffer not being null terminated #714

Open m7913d opened 10 months ago

m7913d commented 10 months ago

Random numbers may be appended to the parsed number: e.g. "1.2" may be parsed as 1.29 if should_convert_comma is true.

The problem is that the char buf[30]; is never initialised, nor is the null terminator copied from the source string. Doing either one fixes the issue.
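The failure mode reported above, reproduced as an added example that is not xlnt's code or part of the original issue: `preload`, `parse_unterminated` and `parse_terminated` are hypothetical names, the stale buffer contents are constructed so the result is reproducible, and the comma conversion step is left out.

```cpp
#include <algorithm>
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <string>

// Constructed helper: preload the buffer with `stale` to stand in for leftover
// stack bytes, so the demo is reproducible (a real uninitialised read is UB).
static void preload(char (&buf)[30], const std::string &stale)
{
    std::memset(buf, 0, sizeof(buf));
    std::memcpy(buf, stale.data(), std::min(stale.size(), sizeof(buf) - 1));
}

// Buggy pattern: the digits are copied but no '\0' follows them, so strtod
// keeps reading whatever bytes were already in the buffer.
double parse_unterminated(const std::string &s, const std::string &stale)
{
    char buf[30];
    preload(buf, stale);
    if (s.size() >= sizeof(buf)) return 0.0;
    std::copy(s.begin(), s.end(), buf);
    return std::strtod(buf, nullptr);
}

// Fixed pattern: terminate right after the copied characters, and check that
// strtod stopped exactly there (zero-initialising buf would also terminate it).
bool parse_terminated(const std::string &s, const std::string &stale, double &out)
{
    char buf[30];
    preload(buf, stale);
    if (s.empty() || s.size() >= sizeof(buf)) return false;
    char *end = std::copy(s.begin(), s.end(), buf);
    *end = '\0';
    char *stop = nullptr;
    out = std::strtod(buf, &stop);
    return stop == end;
}

int main()
{
    double fixed = 0.0;
    bool ok = parse_terminated("1.2", "???9???", fixed);
    std::printf("unterminated: %g\n", parse_unterminated("1.2", "???9???"));
    std::printf("terminated:   %g (fully consumed: %d)\n", fixed, ok);
    return 0;
}
```

Comparing the `strtod` end pointer with the end of the copied input is an extra check added here; it flags any parse that read past the characters actually supplied.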