tar: Clear safe_fprintf stack before usage

The stack buffer is never cleared, which can become an issue depending
on vsnprintf implementation's behavior if -1 is returned. The code
would eventually fall back to stack buffer which might be not
nul terminated.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

diff --git a/tar/util.c b/tar/util.c
index 7b9db5ddc652d687419d841506a328a6996d273b..dabb94058e801dbd512fd11214fa3c33361db98f 100644 (file)
--- a/tar/util.c
+++ b/tar/util.c
@@ -87,6 +87,7 @@ safe_fprintf(FILE * restrict f, const char * restrict fmt, ...)
        char try_wc;
 
        /* Use a stack-allocated buffer if we can, for speed and safety. */
+       memset(fmtbuff_stack, '\0', sizeof(fmtbuff_stack));
        fmtbuff_heap = NULL;
        fmtbuff_length = sizeof(fmtbuff_stack);
        fmtbuff = fmtbuff_stack;