https://bugzilla.samba.org/show_bug.cgi?id=11229
Bug ID: 11229 Summary: off-by-one in snprintf() check Product: rsync Version: 3.1.1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: core Assignee: way...@samba.org Reporter: sbehr...@giantdisaster.de QA Contact: rsync...@samba.org >From 55639a2dbc7b2fd5bca9f7068ae0153627e8a7fa Mon Sep 17 00:00:00 2001 From: Stefan Behrens <sbehr...@giantdisaster.de> Date: Tue, 21 Apr 2015 13:50:38 +0200 Subject: [PATCH] rsync: fix of-by-one in check of snprintf() result Signed-off-by: Stefan Behrens <sbehr...@giantdisaster.de> --- io.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/io.c b/io.c index b9a9bd082737..03e13d846fa0 100644 --- a/io.c +++ b/io.c @@ -2283,7 +2283,7 @@ void io_printf(int fd, const char *format, ...) if (len < 0) exit_cleanup(RERR_PROTOCOL); - if (len > (int)sizeof buf) { + if (len >= (int)sizeof buf) { rprintf(FERROR, "io_printf() was too long for the buffer.\n"); exit_cleanup(RERR_PROTOCOL); } -- 1.7.7 -- You are receiving this mail because: You are the QA Contact for the bug. -- Please use reply-all for most replies to avoid omitting the mailing list. To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html