[Bug 11229] New: off-by-one in snprintf() check

Tue Apr 21 05:53:03 MDT 2015

https://bugzilla.samba.org/show_bug.cgi?id=11229

            Bug ID: 11229
           Summary: off-by-one in snprintf() check
           Product: rsync
           Version: 3.1.1
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P5
         Component: core
          Assignee: wayned at samba.org
          Reporter: sbehrens at giantdisaster.de
        QA Contact: rsync-qa at samba.org

>From 55639a2dbc7b2fd5bca9f7068ae0153627e8a7fa Mon Sep 17 00:00:00 2001
From: Stefan Behrens <sbehrens at giantdisaster.de>
Date: Tue, 21 Apr 2015 13:50:38 +0200
Subject: [PATCH] rsync: fix of-by-one in check of snprintf() result

Signed-off-by: Stefan Behrens <sbehrens at giantdisaster.de>
---
 io.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/io.c b/io.c
index b9a9bd082737..03e13d846fa0 100644
--- a/io.c
+++ b/io.c
@@ -2283,7 +2283,7 @@ void io_printf(int fd, const char *format, ...)
        if (len < 0)
                exit_cleanup(RERR_PROTOCOL);

-       if (len > (int)sizeof buf) {
+       if (len >= (int)sizeof buf) {
                rprintf(FERROR, "io_printf() was too long for the buffer.\n");
                exit_cleanup(RERR_PROTOCOL);
        }
--
1.7.7

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
