apr-commits mailing list archives

From wr...@apache.org
Subject cvs commit: apr/strings apr_strings.c
Date Mon, 28 Jun 2004 18:09:16 GMT
wrowe       2004/06/28 11:09:16

  Modified:    strings  Tag: APR_0_9_BRANCH apr_strings.c
  Log:
    Avoid any edge case or clib bug that might result in a string
    overflow of the fixed 5-byte buffer for our size function.
    Returns the '****' string when the buffer would overflow.
    Backport of rev 1.47
  
  Reviewed by: trawick
  
  Revision  Changes    Path
  No                   revision
  No                   revision
  1.42.2.3  +6 -3      apr/strings/apr_strings.c
  
  Index: apr_strings.c
  ===================================================================
  RCS file: /home/cvs/apr/strings/apr_strings.c,v
  retrieving revision 1.42.2.2
  retrieving revision 1.42.2.3
  diff -u -r1.42.2.2 -r1.42.2.3
  --- apr_strings.c	4 Apr 2004 15:21:08 -0000	1.42.2.2
  +++ apr_strings.c	28 Jun 2004 18:09:16 -0000	1.42.2.3
  @@ -429,7 +429,8 @@
           return strcpy(buf, "  - ");
       }
       if (size < 973) {
  -        sprintf(buf, "%3d ", (int) size);
  +        if (apr_snprintf(buf, 5, "%3d ", (int) size) < 0)
  +            return strcpy(buf, "****");
           return buf;
       }
       do {
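Review bot: The `< 0` test on `apr_snprintf(buf, 5, "%3d ", (int) size)` only detects truncation if apr_snprintf reports it with a negative return, and that convention is not visible in this diff; the same test is used on both calls in the next hunk. If the function instead returns the number of bytes stored (or the buffer length) when output is clipped, the `"****"` fallback described in the log never runs and the caller silently gets a truncated size string, although the bounded write itself still prevents the overflow. It is worth checking the apr_snprintf implementation on this branch and recording the assumption next to the call, e.g. `/* relies on apr_snprintf returning < 0 when output does not fit */`. The enclosing function starts and ends outside this hunk.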
  @@ -442,12 +443,14 @@
           if (size < 9 || (size == 9 && remain < 973)) {
               if ((remain = ((remain * 5) + 256) / 512) >= 10)
                   ++size, remain = 0;
  -            sprintf(buf, "%d.%d%c", (int) size, remain, *o);
  +            if (apr_snprintf(buf, 5, "%d.%d%c", (int) size, remain, *o) < 0)
  +                return strcpy(buf, "****");
               return buf;
           }
           if (remain >= 512)
               ++size;
  -        sprintf(buf, "%3d%c", (int) size, *o);
  +        if (apr_snprintf(buf, 5, "%3d%c", (int) size, *o) < 0)
  +            return strcpy(buf, "****");
           return buf;
       } while (1);
   }
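Review bot: The literal `5` passed to both `apr_snprintf` calls here (and to the one in the previous hunk) has to agree with the size of the caller-supplied `buf` and with the five bytes that `strcpy(buf, "****")` writes, yet nothing in the visible code ties these together. A single named constant used at all three call sites, with a comment such as `/* buf must hold 4 characters plus the terminating NUL */`, would keep the bound and the fallback in step if the format ever changes. The start of the function, including any statement of the buffer contract, lies outside this hunk.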
  
  
  
