summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorteor <teor@torproject.org>2019-08-10 07:21:43 +1000
committerteor <teor@torproject.org>2019-08-10 07:21:43 +1000
commite07d08a169c3dd43f4cd134c8f993c3f199c2bcc (patch)
tree549903bb4c8260795255f1994fa8b6bf3ba0b0c4 /src
parente0f9a8222b53772a6879ecddb41738a223e3b888 (diff)
parent0e0cf4abd80249faa23f2bbdb89e62ba96c898f0 (diff)
downloadtor-e07d08a169c3dd43f4cd134c8f993c3f199c2bcc.tar.gz
tor-e07d08a169c3dd43f4cd134c8f993c3f199c2bcc.zip
Merge remote-tracking branch 'tor-github/pr/1052' into maint-0.2.9
Diffstat (limited to 'src')
-rw-r--r--src/common/compat.c17
1 files changed, 13 insertions, 4 deletions
diff --git a/src/common/compat.c b/src/common/compat.c
index 9758751122..ee3bf0fd50 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -554,14 +554,24 @@ tor_vasprintf(char **strp, const char *fmt, va_list args)
* characters we need. We give it a try on a short buffer first, since
* it might be nice to avoid the second vsnprintf call.
*/
+ /* XXXX This code spent a number of years broken (see bug 30651). It is
+ * possible that no Tor users actually run on systems without vasprintf() or
+ * _vscprintf(). If so, we should consider removing this code. */
char buf[128];
int len, r;
va_list tmp_args;
va_copy(tmp_args, args);
- /* vsnprintf() was properly checked but tor_vsnprintf() available so
- * why not use it? */
- len = tor_vsnprintf(buf, sizeof(buf), fmt, tmp_args);
+ /* Use vsnprintf to retrieve needed length. tor_vsnprintf() is not an
+ * option here because it will simply return -1 if buf is not large enough
+ * to hold the complete string.
+ */
+ len = vsnprintf(buf, sizeof(buf), fmt, tmp_args);
va_end(tmp_args);
+ buf[sizeof(buf) - 1] = '\0';
+ if (len < 0) {
+ *strp = NULL;
+ return -1;
+ }
if (len < (int)sizeof(buf)) {
*strp = tor_strdup(buf);
return len;
@@ -3543,4 +3553,3 @@ tor_get_avail_disk_space(const char *path)
return -1;
#endif
}
-