[PATCH] fix snprintf return value misuse (and some related off-by-1/etc)

Yuriy M. Kaminskiy yumkam at gmail.com
Sat Feb 13 22:04:09 UTC 2016


snprintf() return -1 on error, and *value larger than supplied buffer
size* if formatted string will not fit in supplied buffer.
If you add/subtract snprintf() return value without validating its
range, this will lead up to disaster.
As I don't use inn, patch is compile-tested only, passes `make check`.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: inn2-fix-snprintf-misuse.patch
Type: text/x-patch
Size: 9749 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/inn-workers/attachments/20160214/0e2b6633/attachment.bin>


More information about the inn-workers mailing list