Replace kludgy assert with something a little less awful, and avoid needless strlcpy in rend descriptor encoding.

svn:r17818

1 files changed, 7 insertions, 3 deletions

diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index 81ef565447..5e73b3830a 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -690,13 +690,17 @@ rend_encode_service_descriptor(rend_service_descriptor_t *desc,
   for (i=0; i < smartlist_len(desc->intro_nodes); ++i) {
     rend_intro_point_t *intro = smartlist_get(desc->intro_nodes, i);
     char ipoint[HEX_DIGEST_LEN+2];
+    const size_t ipoint_len = HEX_DIGEST_LEN+1;
     ipoint[0] = '$';
     base16_encode(ipoint+1, HEX_DIGEST_LEN+1,
                   intro->extend_info->identity_digest,
                   DIGEST_LEN);
-    tor_assert(buflen + *str_out >= cp); /* XXX021 This assert is a kludge. */
-    strlcpy(cp, ipoint, buflen-(cp-*str_out));
-    cp += strlen(ipoint)+1;
+    tor_assert(strlen(ipoint) == ipoint_len);
+    /* Assert that appending ipoint and its NUL won't over overun the
+     * buffer. */
+    tor_assert(cp + ipoint_len+1 < *str_out + buflen);
+    memcpy(cp, ipoint, ipoint_len+1);
+    cp += ipoint_len+1;
   }
   note_crypto_pk_op(REND_SERVER);
   r = crypto_pk_private_sign_digest(key, cp, *str_out, cp-*str_out);