Fix use of snprintf() in IETF attributes to string conversion

author Martin Willi <martin@revosec.ch>

Fri, 18 Jun 2010 07:18:49 +0000 (09:18 +0200)

committer Martin Willi <martin@revosec.ch>

Wed, 28 Jul 2010 08:54:48 +0000 (10:54 +0200)
author Martin Willi <martin@revosec.ch>
Fri, 18 Jun 2010 07:18:49 +0000 (09:18 +0200)
committer Martin Willi <martin@revosec.ch>
Wed, 28 Jul 2010 08:54:48 +0000 (10:54 +0200)
diff --git a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c

index ff3ddeb6f11f4e497512c1b9d6812804664cb894..de5b85bae26674336338e8f0a50baf815499dc0f 100644 (file)
--- a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
+++ b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
@@ -159,7 +159,7 @@ static char* get_string(private_ietf_attributes_t *this)
                 enumerator = this->list->create_enumerator(this->list);
                 while (enumerator->enumerate(enumerator, &attr))
                 {
-                       int written = 0;
+                       int written;
  
                         if (first)
                         {
@@ -168,8 +168,12 @@ static char* get_string(private_ietf_attributes_t *this)
                         else
                         {
                                 written = snprintf(pos, len, ", ");
+                               if (written < 0 || written >= len)
+                               {
+                                       break;
+                               }
                                 pos += written;
-                               len -= written; 
+                               len -= written;
                         }
  
                         switch (attr->type)
@@ -194,8 +198,13 @@ static char* get_string(private_ietf_attributes_t *this)
                                         break;
                                 }
                                 default:
+                                       written = 0;
                                         break;
                         }
+                       if (written < 0 || written >= len)
+                       {
+                               break;
+                       }
                         pos += written;
                         len -= written;
                 }
author	Martin Willi <martin@revosec.ch>
	Fri, 18 Jun 2010 07:18:49 +0000 (09:18 +0200)
committer	Martin Willi <martin@revosec.ch>
	Wed, 28 Jul 2010 08:54:48 +0000 (10:54 +0200)