BUG/MINOR: log: fix lf_text_len() truncate inconsistency

In c5bff8e550 ("BUG/MINOR: log: improper behavior when escaping log data")
we fixed lf_text_len() behavior with +E (escape) option.

However we introduced an inconsistency if output buffer is too small to
hold the whole output and truncation occurs: indeed without +E option up
to <size> bytes (including NULL byte) will be used whereas with +E option
only <size-1> bytes will be used. Fixing the function and related comment
so that the function behaves the same in regards to truncation whether +E
option is used or not.

This should be backported to all stable versions.

diff --git a/src/log.c b/src/log.c
index 13d23351b1fe8a3029e6e3328710bf98c4dd31d9..a1236e9f2c5bed2c1e5ec92cb2b0efc0fd726bd4 100644 (file)
--- a/src/log.c
+++ b/src/log.c
@@ -1841,13 +1841,12 @@ char *lf_text_len(char *dst, const char *src, size_t len, size_t size, const str
 
        if (src && len) {
                /* escape_string and strlcpy2 will both try to add terminating NULL-byte
-                * to dst, so we need to make sure that extra byte will fit into dst
-                * before calling them
+                * to dst
                 */
                if (node->options & LOG_OPT_ESC) {
                        char *ret;
 
-                       ret = escape_string(dst, (dst + size - 1), '\\', rfc5424_escape_map, src, src + len);
+                       ret = escape_string(dst, dst + size, '\\', rfc5424_escape_map, src, src + len);
                        if (ret == NULL || *ret != '\0')
                                return NULL;
                        len = ret - dst;