Fix bug where iso8601_print() could overrun...

If a date with a timezone offset of 0 had a length exactly matching the
buffer size, we would write past the end of the buffer.
This commit is contained in:
Laurence Withers 2008-01-04 22:47:10 +00:00
parent 69628be83e
commit 1f43445813
2 changed files with 8 additions and 6 deletions

6
README
View File

@ -14,4 +14,10 @@ You might want to edit 'config' first. You might also want to set
'INSTALL_PREFIX', which is prepended onto the destination of any 'INSTALL_PREFIX', which is prepended onto the destination of any
installed file. installed file.
Thanks
------
Robert Dunlop, <rjd@xyzzy.org.uk>
* found null terminating bug with iso8601_print()
@TODO@ @TODO@

View File

@ -130,15 +130,11 @@ char* iso8601_print(char* str, int amt, const struct iso8601_date* date,
break; break;
} }
if(ret < 1 || ret >= amt) return str_orig; if(ret < 1 || (ret + 1) >= amt) return str_orig;
str += ret; str += ret;
amt -= ret; amt -= ret;
if(details->tz_sec) { if(details->tz_sec) {
if(!--amt) {
*str = 0;
return str_orig;
}
if(details->tz_sec < 0) { if(details->tz_sec < 0) {
*str++ = '-'; *str++ = '-';
ret = -details->tz_sec; ret = -details->tz_sec;
@ -146,6 +142,7 @@ char* iso8601_print(char* str, int amt, const struct iso8601_date* date,
*str++ = '+'; *str++ = '+';
ret = details->tz_sec; ret = details->tz_sec;
} }
--amt;
y = ret / 3600; y = ret / 3600;
ret -= y * 3600; ret -= y * 3600;
@ -158,7 +155,6 @@ char* iso8601_print(char* str, int amt, const struct iso8601_date* date,
else snprintf(str, amt, "%02d", y); else snprintf(str, amt, "%02d", y);
} else { } else {
*str++ = 'Z'; *str++ = 'Z';
if(amt > 1) *str = 0;
} }
return str_orig; return str_orig;