tfix check for encoding or truncation for snprintf - vote - simple cgi voting s… | |
git clone git://src.adamsgaard.dk/vote | |
Log | |
Files | |
Refs | |
README | |
LICENSE | |
--- | |
commit 542105db6abb6ea8f555fe1c60343aebb85dd91b | |
parent 273ce99a3b8fe03c3808861b41f8cbfcbdc8f0b3 | |
Author: Hiltjo Posthuma <[email protected]> | |
Date: Sun, 4 Oct 2020 15:46:19 +0200 | |
fix check for encoding or truncation for snprintf | |
Signed-off-by: Anders Damsgaard <[email protected]> | |
Diffstat: | |
M vote.c | 6 ++++-- | |
1 file changed, 4 insertions(+), 2 deletions(-) | |
--- | |
diff --git a/vote.c b/vote.c | |
t@@ -48,11 +48,13 @@ char * | |
pollfile(const char *poll_name, const char *postfix) | |
{ | |
char buf[PATH_MAX]; | |
+ int r; | |
strlcpy(buf, poll_name, sizeof(buf)); | |
escapechars(buf); | |
- if (snprintf(fname, sizeof(fname), "%s/%s%s", | |
- POLLS_DIR, buf, postfix) < 0) { | |
+ r = snprintf(fname, sizeof(fname), "%s/%s%s", | |
+ POLLS_DIR, buf, postfix); | |
+ if (r < 0 || (size_t)r >= sizeof(fname)) { | |
http_status(500); | |
err(1, "show_poll: snprintf fname %s/%s%s", | |
POLLS_DIR, buf, postfix); |