From: Aurelien DARRAGON <adarragon@haproxy.com>
Date: Tue, 9 Apr 2024 09:15:23 +0000 (+0200)
Subject: BUG/MINOR: log: fix lf_text_len() truncate inconsistency
X-Git-Tag: v3.0-dev8~113
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b15f6dfae871f6ebfefa8a4e89958c1c70078e09;p=thirdparty%2Fhaproxy.git

BUG/MINOR: log: fix lf_text_len() truncate inconsistency

In c5bff8e550 ("BUG/MINOR: log: improper behavior when escaping log data")
we fixed lf_text_len() behavior with +E (escape) option.

However we introduced an inconsistency if output buffer is too small to
hold the whole output and truncation occurs: indeed without +E option up
to <size> bytes (including NULL byte) will be used whereas with +E option
only <size-1> bytes will be used. Fixing the function and related comment
so that the function behaves the same in regards to truncation whether +E
option is used or not.

This should be backported to all stable versions.
---

diff --git a/src/log.c b/src/log.c
index 13d23351b1..a1236e9f2c 100644
--- a/src/log.c
+++ b/src/log.c
@@ -1841,13 +1841,12 @@ char *lf_text_len(char *dst, const char *src, size_t len, size_t size, const str
 
 	if (src && len) {
 		/* escape_string and strlcpy2 will both try to add terminating NULL-byte
-		 * to dst, so we need to make sure that extra byte will fit into dst
-		 * before calling them
+		 * to dst
 		 */
 		if (node->options & LOG_OPT_ESC) {
 			char *ret;
 
-			ret = escape_string(dst, (dst + size - 1), '\\', rfc5424_escape_map, src, src + len);
+			ret = escape_string(dst, dst + size, '\\', rfc5424_escape_map, src, src + len);
 			if (ret == NULL || *ret != '\0')
 				return NULL;
 			len = ret - dst;