|
@@ -554,14 +554,24 @@ tor_vasprintf(char **strp, const char *fmt, va_list args)
|
|
* characters we need. We give it a try on a short buffer first, since
|
|
* characters we need. We give it a try on a short buffer first, since
|
|
* it might be nice to avoid the second vsnprintf call.
|
|
* it might be nice to avoid the second vsnprintf call.
|
|
*/
|
|
*/
|
|
|
|
+ /* XXXX This code spent a number of years broken (see bug 30651). It is
|
|
|
|
+ * possible that no Tor users actually run on systems without vasprintf() or
|
|
|
|
+ * _vscprintf(). If so, we should consider removing this code. */
|
|
char buf[128];
|
|
char buf[128];
|
|
int len, r;
|
|
int len, r;
|
|
va_list tmp_args;
|
|
va_list tmp_args;
|
|
va_copy(tmp_args, args);
|
|
va_copy(tmp_args, args);
|
|
- /* vsnprintf() was properly checked but tor_vsnprintf() available so
|
|
|
|
- * why not use it? */
|
|
|
|
- len = tor_vsnprintf(buf, sizeof(buf), fmt, tmp_args);
|
|
|
|
|
|
+ /* Use vsnprintf to retrieve needed length. tor_vsnprintf() is not an
|
|
|
|
+ * option here because it will simply return -1 if buf is not large enough
|
|
|
|
+ * to hold the complete string.
|
|
|
|
+ */
|
|
|
|
+ len = vsnprintf(buf, sizeof(buf), fmt, tmp_args);
|
|
va_end(tmp_args);
|
|
va_end(tmp_args);
|
|
|
|
+ buf[sizeof(buf) - 1] = '\0';
|
|
|
|
+ if (len < 0) {
|
|
|
|
+ *strp = NULL;
|
|
|
|
+ return -1;
|
|
|
|
+ }
|
|
if (len < (int)sizeof(buf)) {
|
|
if (len < (int)sizeof(buf)) {
|
|
*strp = tor_strdup(buf);
|
|
*strp = tor_strdup(buf);
|
|
return len;
|
|
return len;
|
|
@@ -3543,4 +3553,3 @@ tor_get_avail_disk_space(const char *path)
|
|
return -1;
|
|
return -1;
|
|
#endif
|
|
#endif
|
|
}
|
|
}
|
|
-
|
|
|