From: Thierry FOURNIER <thierry.fournier@ozon.io>
Date: Thu, 9 Feb 2017 11:19:27 +0000 (+0100)
Subject: BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested
X-Git-Tag: v1.8-dev1~138
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=62c8a21c10c41629d63e93bee904514f456def74;p=thirdparty%2Fhaproxy.git

BUG/MINOR: sendmail: The return of vsnprintf is not cleanly tested

The string formatted by vsnprintf may be bigger than the size of
the buffer "buf". This case is not tested.

This sould be backported to 1.6 and 1.7
---

diff --git a/src/checks.c b/src/checks.c
index 7d42422675..49bd886bf3 100644
--- a/src/checks.c
+++ b/src/checks.c
@@ -3398,7 +3398,7 @@ void send_email_alert(struct server *s, int level, const char *format, ...)
 	len = vsnprintf(buf, sizeof(buf), format, argp);
 	va_end(argp);
 
-	if (len < 0) {
+	if (len < 0 || len >= sizeof(buf)) {
 		Alert("Email alert [%s] could not format message\n", p->id);
 		return;
 	}