From 0e15b864c10ddba8095d452ca6cc9a9e085dee43 Mon Sep 17 00:00:00 2001
From: Tobias Stoeckmann <tobias@stoeckmann.org>
Date: Fri, 16 May 2025 23:08:59 +0200
Subject: [PATCH] tar: Always use correct length in safe_fprintf

If the format buffer shall not be further increased in size, the
length value mistakenly takes the terminating nul byte into account.

This is in contrast to a successful vsnprintf call.

Also use the correct string length if fallback to stack buffer is
required.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
---
 tar/util.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/tar/util.c b/tar/util.c
index dabb94058..dc0ab419e 100644
--- a/tar/util.c
+++ b/tar/util.c
@@ -106,8 +106,8 @@ safe_fprintf(FILE * restrict f, const char * restrict fmt, ...)
 		else if (fmtbuff_length < 1000000)
 			fmtbuff_length += fmtbuff_length / 4;
 		else {
-			length = fmtbuff_length;
-			fmtbuff_heap[length-1] = '\0';
+			fmtbuff[fmtbuff_length - 1] = '\0';
+			length = (int)strlen(fmtbuff);
 			break;
 		}
 		free(fmtbuff_heap);
@@ -122,8 +122,9 @@ safe_fprintf(FILE * restrict f, const char * restrict fmt, ...)
 		} else {
 			/* Leave fmtbuff pointing to the truncated
 			 * string in fmtbuff_stack. */
+			fmtbuff_stack[sizeof(fmtbuff_stack) - 1] = '\0';
 			fmtbuff = fmtbuff_stack;
-			length = sizeof(fmtbuff_stack) - 1;
+			length = (int)strlen(fmtbuff);
 			break;
 		}
 	}
-- 
2.47.2