ganeshmurthy commented on a change in pull request #679: DISPATCH-1566: fix safe_snptrintf URL: https://github.com/apache/qpid-dispatch/pull/679#discussion_r379524695
########## File path: src/router_core/terminus.c ########## @@ -75,24 +76,37 @@ void qdr_terminus_free(qdr_terminus_t *term) free_qdr_terminus_t(term); } - // DISPATCH-1461: snprintf() is evil - it returns >= size on overflow. This // wrapper will never return >= size, even if truncated. This makes it safe to // do pointer & length arithmetic without overflowing the destination buffer in // qdr_terminus_format() // -static inline int safe_snprintf(char *str, size_t size, const char *format, ...) -{ +size_t safe_snprintf(char *str, size_t size, const char *format, ...) { + // max size allowed must be INT_MAX (since vsnprintf reutrns an int) + if (size == 0 || size > INT_MAX) { + //TODO log a warning somewhere? Review comment: Please remove these TODOs. I don't think we are going to log anything here. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org