Hi Istvan, > + /* > + * sizeof( buffer2 ) - 3 is room for CR/LF/NUL > + */ > if( proc ) > - hb_snprintf( buffer2, sizeof( buffer2 ), "%s:%d:%s() %s %s", > - file, line, proc, pszLevel, buffer1 ); > + n = hb_snprintf( buffer2, sizeof( buffer2 ) - 3, "%s:%d:%s() %s %s", > + file, line, proc, pszLevel, buffer1 ); > else > - hb_snprintf( buffer2, sizeof( buffer2 ), "%s:%d: %s %s", > - file, line, pszLevel, buffer1 ); > + n = hb_snprintf( buffer2, sizeof( buffer2 ) - 3, "%s:%d: %s %s", > + file, line, pszLevel, buffer1 ); > > + /* > + * Normalize buffer2 with ending CR/LF/NUL > + */ > + p = buffer2; > + p += (n < 0) ? sizeof( buffer2 ) - 3 : n; > + while ( p > buffer2 && isspace( p[-1] ) ) > + { > + *--p = '\0'; > + } > + *p++ = '\r'; > + *p++ = '\n'; > + *p = '\0'; > +
Maybe I'm missing something but isn't hb_snprintf() _always_ closing string with a zero? If not, we have serious security problems in hundreds of places in Harbour. If this is the case, we should rather fix hb_snprintf(), than this one specific call of it. Also, shouldn't \r \n simply added to printf mask string? Brgds, Viktor _______________________________________________ Harbour mailing list (attachment size limit: 40KB) Harbour@harbour-project.org http://lists.harbour-project.org/mailman/listinfo/harbour