mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-06 23:27:04 +02:00
Code Issues Projects Releases Wiki Activity

BUG/MINOR: chunk: fix chunk_appendf() to not write a zero if buffer is full

Browse Source 
If the buffer is completely full, the function chunk_appendf() would
write a zero past it, which can result in unexpected behavior.

Now we make a check before calling vsnprintf() and return the current
chunk size if no room is available.

This should be backported as far as 2.0.
This commit is contained in:
Dragan Dosen 2023-07-27 20:30:42 +02:00 committed by Willy Tarreau
parent c156c5bda6
commit f7596209ee
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/chunk.c
View File

@ -130,15 +130,19 @@ int chunk_printf(struct buffer *chk, const char *fmt, ...)
int chunk_appendf(struct buffer *chk, const char *fmt, ...)
{
va_list argp;
size_t room;
int ret;
if (!chk->area || !chk->size)
return 0;
room = chk->size - chk->data;
if (!room)
return chk->data;
va_start(argp, fmt);
ret = vsnprintf(chk->area + chk->data, chk->size - chk->data, fmt,
argp);
if (ret >= chk->size - chk->data)
ret = vsnprintf(chk->area + chk->data, room, fmt, argp);
if (ret >= room)
/* do not copy anything in case of truncation */
chk->area[chk->data] = 0;
else