Fix buffer underrun in fixed with SSE

vitaut · vitaut · commit 25bd96ee970e · 2026-01-25T11:05:26.000-08:00
diff --git a/test/zmij-test.cc b/test/zmij-test.cc
@@ -36,9 +36,11 @@ auto write(char* out, size_t n, float value) noexcept -> size_t {
 
 
 auto dtoa(double value) -> std::string {
-  char buffer[zmij::double_buffer_size] = {};
-  auto n = zmij::write(buffer, sizeof(buffer), value);
-  return {buffer, n};
+  char buffer[zmij::double_buffer_size + 1] = {};
+  memset(buffer, '?', sizeof(buffer));
+  auto n = zmij::write(buffer + 1, sizeof(buffer), value);
+  if (buffer[0] != '?') throw std::runtime_error("buffer underrun");
+  return {buffer + 1, n};
 }
 
 auto ftoa(float value) -> std::string {
@@ -235,6 +237,10 @@ TEST(dtoa_test, no_overrun) {
   EXPECT_EQ(buffer[zmij::double_buffer_size - 1], '\0');
 }
 
+TEST(dtoa_test, no_underrun) {
+  dtoa(9.061488e+15);
+}
+
 TEST(ftoa_test, normal) {
   EXPECT_EQ(ftoa(6.62607e-34f), "6.62607e-34");
   EXPECT_EQ(ftoa(1.342178e+08f), "1.342178e+08");
diff --git a/zmij.c b/zmij.c
@@ -34,9 +34,9 @@ typedef struct {
 #ifdef ZMIJ_USE_SSE
 // Use the provided definition
 #elif defined(__SSE2__)
-#  define ZMIJ_USE_SSE ZMIJ_USE_SIMD
+#  define ZMIJ_USE_SSE 0
 #elif defined(_M_AMD64) || (defined(_M_IX86_FP) && _M_IX86FP == 2)
-#  define ZMIJ_USE_SSE ZMIJ_USE_SIMD
+#  define ZMIJ_USE_SSE 0
 #else
 #  define ZMIJ_USE_SSE 0
 #endif
diff --git a/zmij.cc b/zmij.cc
@@ -515,9 +515,10 @@ auto write_significand9(char* buffer, uint32_t value, bool has9digits) noexcept
 // normals) and removes trailing zeros.  The significant digits start
 // from buffer[1].  buffer[0] may contain '0' after this function if
 // the significand has length 16.
+template <bool use_sse = ZMIJ_USE_SSE != 0>
 auto write_significand17(char* buffer, uint64_t value, bool has17digits,
                          long long value_div10) noexcept -> char* {
-  if (!ZMIJ_USE_NEON && !ZMIJ_USE_SSE) {
+  if (!ZMIJ_USE_NEON && !use_sse) {
     // Digits/pairs of digits are denoted by letters: value = abbccddeeffgghhii.
     uint32_t abbccddee = uint32_t(value / 100'000'000);
     uint32_t ffgghhii = uint32_t(value % 100'000'000);
@@ -894,7 +895,7 @@ auto write_fixed(char* buffer, uint64_t dec_sig, int dec_exp, bool extra_digit,
   write8(buffer + (num_bits == 64 ? 16 : 7), 0);
 
   char* start = buffer;
-  buffer = num_bits == 64 ? write_significand17(buffer, dec_sig, extra_digit,
+  buffer = num_bits == 64 ? write_significand17<false>(buffer, dec_sig, extra_digit,
                                                 dec_sig_div10)
                           : write_significand9(buffer, dec_sig, extra_digit);
 
