summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Goulet <dgoulet@torproject.org>2019-05-30 09:59:21 -0400
committerDavid Goulet <dgoulet@torproject.org>2019-05-30 09:59:21 -0400
commitef9170db4cc936c7154d8be7626f9c57f75c0049 (patch)
treea747468facf5328d7f52f5c4ead986ece118bef3
parent61bd8f428b2bd637591dace2d7d65af42740b898 (diff)
parent8f0b29961eb4b9965f22bbcabdc0aa0354c19a4a (diff)
downloadtor-ef9170db4cc936c7154d8be7626f9c57f75c0049.tar.gz
tor-ef9170db4cc936c7154d8be7626f9c57f75c0049.zip
Merge branch 'tor-github/pr/1054'
-rw-r--r--changes/bug305616
-rw-r--r--src/lib/string/printf.c16
2 files changed, 19 insertions, 3 deletions
diff --git a/changes/bug30561 b/changes/bug30561
new file mode 100644
index 0000000000..afb3f02c62
--- /dev/null
+++ b/changes/bug30561
@@ -0,0 +1,6 @@
+ o Minor bugfixes (portability):
+ - Avoid crashing in our tor_vasprintf() implementation on systems that
+ define neither vasprintf() nor _vscprintf(). (This bug has been here
+ long enough that we question whether people are running Tor on such
+ systems, but we're applying the fix out of caution.) Fixes bug 30561;
+ bugfix on 0.2.8.2-alpha. Found and fixed by Tobias Stoeckmann.
diff --git a/src/lib/string/printf.c b/src/lib/string/printf.c
index 415d4ac4a7..a5cb71ce09 100644
--- a/src/lib/string/printf.c
+++ b/src/lib/string/printf.c
@@ -131,14 +131,24 @@ tor_vasprintf(char **strp, const char *fmt, va_list args)
* characters we need. We give it a try on a short buffer first, since
* it might be nice to avoid the second vsnprintf call.
*/
+ /* XXXX This code spent a number of years broken (see bug 30651). It is
+ * possible that no Tor users actually run on systems without vasprintf() or
+ * _vscprintf(). If so, we should consider removing this code. */
char buf[128];
int len, r;
va_list tmp_args;
va_copy(tmp_args, args);
- /* vsnprintf() was properly checked but tor_vsnprintf() available so
- * why not use it? */
- len = tor_vsnprintf(buf, sizeof(buf), fmt, tmp_args);
+ /* Use vsnprintf to retrieve needed length. tor_vsnprintf() is not an
+ * option here because it will simply return -1 if buf is not large enough
+ * to hold the complete string.
+ */
+ len = vsnprintf(buf, sizeof(buf), fmt, tmp_args);
va_end(tmp_args);
+ buf[sizeof(buf) - 1] = '\0';
+ if (len < 0) {
+ *strp = NULL;
+ return -1;
+ }
if (len < (int)sizeof(buf)) {
*strp = tor_strdup(buf);
return len;