Fix bug where iso8601_print() could overrun...

If a date with a timezone offset of 0 had a length exactly matching the buffer size, we would write past the end of the buffer.
2008-01-04 22:47:10 +00:00 · 2008-01-04 22:47:10 +00:00 · 1f43445813
parent 69628be83e
commit 1f43445813
2 changed files with 8 additions and 6 deletions
--- a/6
+++ b/6
@ -14,4 +14,10 @@ You might want to edit 'config' first. You might also want to set
 'INSTALL_PREFIX', which is prepended onto the destination of any
 installed file.

+Thanks
+------
+
+Robert Dunlop, <rjd@xyzzy.org.uk>
+ * found null terminating bug with iso8601_print()
+
@TODO@
--- a/src/libiso8601/200_print.c
+++ b/src/libiso8601/200_print.c
@ -130,15 +130,11 @@ char* iso8601_print(char* str, int amt, const struct iso8601_date* date,
        break;
    }

-    if(ret < 1 || ret >= amt) return str_orig;
+    if(ret < 1 || (ret + 1) >= amt) return str_orig;
    str += ret;
    amt -= ret;

    if(details->tz_sec) {
-        if(!--amt) {
-            *str = 0;
-            return str_orig;
-        }
        if(details->tz_sec < 0) {
            *str++ = '-';
            ret = -details->tz_sec;
@ -146,6 +142,7 @@ char* iso8601_print(char* str, int amt, const struct iso8601_date* date,
            *str++ = '+';
            ret = details->tz_sec;
        }
+        --amt;

        y = ret / 3600;
        ret -= y * 3600;
@ -158,7 +155,6 @@ char* iso8601_print(char* str, int amt, const struct iso8601_date* date,
        else snprintf(str, amt, "%02d", y);
    } else {
        *str++ = 'Z';
-        if(amt > 1) *str = 0;
    }
    
    return str_orig;