|
|
@@ -1208,9 +1208,14 @@ esc_for_log(const char *s)
|
|
|
}
|
|
|
}
|
|
|
|
|
|
+ tor_assert(len <= SSIZE_MAX);
|
|
|
+
|
|
|
result = outp = tor_malloc(len);
|
|
|
*outp++ = '\"';
|
|
|
for (cp = s; *cp; ++cp) {
|
|
|
+ /* This assertion should always succeed, since we will write at least
|
|
|
+ * one char here, and two chars for closing quote and nul later */
|
|
|
+ tor_assert((outp-result) < (ssize_t)len-2);
|
|
|
switch (*cp) {
|
|
|
case '\\':
|
|
|
case '\"':
|
|
|
@@ -1234,6 +1239,7 @@ esc_for_log(const char *s)
|
|
|
if (TOR_ISPRINT(*cp) && ((uint8_t)*cp)<127) {
|
|
|
*outp++ = *cp;
|
|
|
} else {
|
|
|
+ tor_assert((outp-result) < (ssize_t)len-4);
|
|
|
tor_snprintf(outp, 5, "\\%03o", (int)(uint8_t) *cp);
|
|
|
outp += 4;
|
|
|
}
|
|
|
@@ -1241,6 +1247,7 @@ esc_for_log(const char *s)
|
|
|
}
|
|
|
}
|
|
|
|
|
|
+ tor_assert((outp-result) <= (ssize_t)len-2);
|
|
|
*outp++ = '\"';
|
|
|
*outp++ = 0;
|
|
|
|
Nick Mathewson