[dovecot-cvs] dovecot/src/lib compat.c,1.4,1.5 strfuncs.c,1.14,1.15
cras at procontrol.fi
cras at procontrol.fi
Wed Oct 23 17:16:53 EEST 2002
Update of /home/cvs/dovecot/src/lib
In directory danu:/tmp/cvs-serv14470
Modified Files:
compat.c strfuncs.c
Log Message:
Check vsnprintf() return values more carefully, thanks to Thomas Wouters
<thomas at xs4all.net> for noticing.
Index: compat.c
===================================================================
RCS file: /home/cvs/dovecot/src/lib/compat.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- compat.c 13 Oct 2002 23:49:11 -0000 1.4
+++ compat.c 23 Oct 2002 13:16:50 -0000 1.5
@@ -104,7 +104,11 @@
char buf[1024];
#ifdef HAVE_VSNPRINTF
- vsnprintf(buf, sizeof(buf), format, args);
+ int ret;
+
+ ret = vsnprintf(buf, sizeof(buf), format, args);
+ if (ret < 0 || (size_t)ret >= sizeof(buf))
+ buf[sizeof(buf)-1] = '\0';
str = buf;
#else
va_list args2;
Index: strfuncs.c
===================================================================
RCS file: /home/cvs/dovecot/src/lib/strfuncs.c,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -d -r1.14 -r1.15
--- strfuncs.c 20 Oct 2002 03:19:10 -0000 1.14
+++ strfuncs.c 23 Oct 2002 13:16:50 -0000 1.15
@@ -401,7 +401,7 @@
va_end(args);
t_pop();
- if (ret < 0) {
+ if (ret < 0 || (size_t)ret >= max_chars) {
str[max_chars-1] = '\0';
ret = strlen(str);
}
More information about the dovecot-cvs
mailing list