mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-09 17:38:00 +00:00

dupvprintf: fix signedness of return from vsnprintf.

It's defined in the C standard to return an int, not a size_t, and we
should honour that since the subsequent code checks it for <0.

A knock-on effect is that I reorganise the addends in one of the
sgrowarrays, to be extra careful about overflow when adding something
to that int.
Simon Tatham 2019-03-02 06:52:00 +00:00
parent bde7b6b158
commit 0ceb73fb10


@ -340,15 +340,13 @@ int string_length_for_printf(size_t s)
static char *dupvprintf_inner(char *buf, size_t oldlen, size_t *sizeptr,
const char *fmt, va_list ap)
{
size_t len, size;
size = *sizeptr;
size_t size = *sizeptr;
sgrowarrayn_nm(buf, size, oldlen, 512);
while (1) {
va_list aq;
va_copy(aq, ap);
len = vsnprintf(buf + oldlen, size - oldlen, fmt, aq);
int len = vsnprintf(buf + oldlen, size - oldlen, fmt, aq);
va_end(aq);
if (len >= 0 && len < size) {
@ -359,7 +357,7 @@ static char *dupvprintf_inner(char *buf, size_t oldlen, size_t *sizeptr,
} else if (len > 0) {
/* This is the C99 error condition: the returned length is
* the required buffer size not counting the NUL. */
sgrowarrayn_nm(buf, size, oldlen, len + 1);
sgrowarrayn_nm(buf, size, oldlen + 1, len);
} else {
/* This is the pre-C99 glibc error condition: <0 means the
* buffer wasn't big enough, so we enlarge it a bit and hope. */
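Review bot: The success test `if (len >= 0 && len < size)` at the end of the first hunk compares against the whole buffer size, while the `vsnprintf` call just above it was only given `size - oldlen` bytes. When `oldlen` is non-zero, a return value between `size - oldlen` and `size - 1` means the output was truncated, yet it passes this test; if the branch body (not shown between the two hunks) returns `buf` as complete, the caller gets a silently shortened string. Now that `len` is an `int`, the bound could match the call and make the conversion explicit: `if (len >= 0 && (size_t)len < size - oldlen) {`. This assumes `sgrowarrayn_nm` always leaves `size` greater than `oldlen`, which needs confirming against the macro definition, as it is not on this page. The function body also continues past the end of the second hunk.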