- (djm) [bsd-asprintf.c] Better test for bad vsnprintf lengths; ok dtucker@

diff --git a/ChangeLog b/ChangeLog
index d747306d8ff555834f61dff968b79670ce08a612..00448c48c490ae94c0364a8085244d7cabd5edf8 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,7 @@
  - (djm) [auth.c] Fix NULL pointer dereference in fakepw().  Crash would
    occur if the server did not have the privsep user and an invalid user
    tried to login and both privsep and krb5 auth are disabled; ok dtucker@
+ - (djm) [bsd-asprintf.c] Better test for bad vsnprintf lengths; ok dtucker@
 
 20061108
  - (dtucker) OpenBSD CVS Sync

diff --git a/openbsd-compat/bsd-asprintf.c b/openbsd-compat/bsd-asprintf.c
index 67480139ebdf42747c67eeeeac3f40d807f76645..00fa0dfd8a7da3bad6684929d0f2550582bc3137 100644 (file)
--- a/openbsd-compat/bsd-asprintf.c
+++ b/openbsd-compat/bsd-asprintf.c
@@ -39,7 +39,8 @@
 
 #define INIT_SZ        128
 
-int vasprintf(char **str, const char *fmt, va_list ap)
+int
+vasprintf(char **str, const char *fmt, va_list ap)
 {
        int ret = -1;
        va_list ap2;
@@ -53,7 +54,7 @@ int vasprintf(char **str, const char *fmt, va_list ap)
        ret = vsnprintf(string, INIT_SZ, fmt, ap2);
        if (ret >= 0 && ret < INIT_SZ) { /* succeeded with initial alloc */
                *str = string;
-       } else if (ret == INT_MAX) { /* shouldn't happen */
+       } else if (ret == INT_MAX || ret < 0) { /* Bad length */
                goto fail;
        } else {        /* bigger than initial, realloc allowing for nul */
                len = (size_t)ret + 1;