From c118559afec96f5cd18509b9157b9c07724d550c Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@revosec.ch>
Date: Fri, 18 Jun 2010 09:18:49 +0200
Subject: [PATCH] Fix use of snprintf() in IETF attributes to string conversion

---
 .../credentials/ietf_attributes/ietf_attributes.c   | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
index ff3ddeb6f1..de5b85bae2 100644
--- a/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
+++ b/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
@@ -159,7 +159,7 @@ static char* get_string(private_ietf_attributes_t *this)
 		enumerator = this->list->create_enumerator(this->list);
 		while (enumerator->enumerate(enumerator, &attr))
 		{
-			int written = 0;
+			int written;
 
 			if (first)
 			{
@@ -168,8 +168,12 @@ static char* get_string(private_ietf_attributes_t *this)
 			else
 			{
 				written = snprintf(pos, len, ", ");
+				if (written < 0 || written >= len)
+				{
+					break;
+				}
 				pos += written;
-				len -= written; 
+				len -= written;
 			}
 
 			switch (attr->type)
@@ -194,8 +198,13 @@ static char* get_string(private_ietf_attributes_t *this)
 					break;
 				}
 				default:
+					written = 0;
 					break;
 			}
+			if (written < 0 || written >= len)
+			{
+				break;
+			}
 			pos += written;
 			len -= written;
 		}
-- 
2.47.3