fix potential buffer overflow in test-server logging function

2008-09-26 00:17:01 +00:00 · 2008-09-26 00:17:01 +00:00 · 2d1f798d14
commit 2d1f798d14
parent 9e9f70a693
1 changed files with 3 additions and 3 deletions
--- a/tests/server/util.c
+++ b/tests/server/util.c
@ -62,7 +62,7 @@ const struct in6_addr in6addr_any = {{ IN6ADDR_ANY_INIT }};
 void logmsg(const char *msg, ...)
 {
  va_list ap;
-  char buffer[512]; /* possible overflow if you pass in a huge string */
+  char buffer[2048 + 1];
  FILE *logfp;
  int error;
  struct timeval tv;
@ -80,10 +80,10 @@ void logmsg(const char *msg, ...)
  now = localtime(&sec); /* not multithread safe but we don't care */

  snprintf(timebuf, sizeof(timebuf), "%02d:%02d:%02d.%06ld",
-           now->tm_hour, now->tm_min, now->tm_sec, tv.tv_usec);
+    (int)now->tm_hour, (int)now->tm_min, (int)now->tm_sec, (long)tv.tv_usec);

  va_start(ap, msg);
-  vsprintf(buffer, msg, ap);
+  vsnprintf(buffer, sizeof(buffer), msg, ap);
  va_end(ap);

  logfp = fopen(serverlogfile, "a");