From: Martin Willi <martin@revosec.ch>
Date: Fri, 18 Jun 2010 07:18:49 +0000 (+0200)
Subject: Fix use of snprintf() in IETF attributes to string conversion
X-Git-Tag: 4.4.1~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c118559afec96f5cd18509b9157b9c07724d550c;p=thirdparty%2Fstrongswan.git

Fix use of snprintf() in IETF attributes to string conversion
---

diff --git a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
index ff3ddeb6f1..de5b85bae2 100644
--- a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
+++ b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
@@ -159,7 +159,7 @@ static char* get_string(private_ietf_attributes_t *this)
 		enumerator = this->list->create_enumerator(this->list);
 		while (enumerator->enumerate(enumerator, &attr))
 		{
-			int written = 0;
+			int written;
 
 			if (first)
 			{
@@ -168,8 +168,12 @@ static char* get_string(private_ietf_attributes_t *this)
 			else
 			{
 				written = snprintf(pos, len, ", ");
+				if (written < 0 || written >= len)
+				{
+					break;
+				}
 				pos += written;
-				len -= written; 
+				len -= written;
 			}
 
 			switch (attr->type)
@@ -194,8 +198,13 @@ static char* get_string(private_ietf_attributes_t *this)
 					break;
 				}
 				default:
+					written = 0;
 					break;
 			}
+			if (written < 0 || written >= len)
+			{
+				break;
+			}
 			pos += written;
 			len -= written;
 		}