* overflow the buffer. In particular, it should be avoided for
* input coming from users. Also, if vsnprintf is available, the
* code should check for return values to use it safely.
+ *
+ * JCE. I think this function is now safe, but may truncate output.
*/
void agfprintf(FILE *fp, const char *format, ...)
{
- char buf[BUFSIZ];
+ char buf[8192];
size_t len;
va_list argp;
len = vsprintf((char *)buf, format, argp);
#endif
va_end(argp);
+ if (len <= 0){
+#ifdef HAVE_VSNPRINTF
+ fprintf(stderr, "vsnprintf() error: %d\n", len);
+#else
+ fprintf(stderr, "vsprintf() error: %d\n", len);
+#endif
+ return;
+ }
+#ifdef HAVE_VSNPRINTF
+ if (len > sizeof(buf)) {
+ fprintf(stderr, "vsnprintf() truncated string at %d characters\n", sizeof(buf));
+ len = sizeof(buf);
+ }
+#endif
AG.fwrite(buf, sizeof(char), len, fp);
}
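Review bot: `len` is declared `size_t`, so the added `if (len <= 0)` check can only ever catch zero: a negative return from vsnprintf()/vsprintf() wraps to a huge unsigned value, which is clamped to `sizeof(buf)` (or, without HAVE_VSNPRINTF, not clamped at all) and then passed to `AG.fwrite` as the byte count, so the call writes stale stack contents or reads past `buf`. The truncation test is also off by one: vsnprintf() signals truncation when its return value is `>= sizeof(buf)`, and only `sizeof(buf) - 1` characters plus a NUL are stored, so clamping to `sizeof(buf)` emits the terminator as well. The three added fprintf calls pass a `size_t` to `%d`, which is a format/argument mismatch. The new "JCE" comment should state that the function is bounded only when HAVE_VSNPRINTF is defined, since the vsprintf() branch can still overflow `buf`. The start of the function body and the vsnprintf() call fall outside the visible lines, so the sketch below assumes the return value is assigned directly to the result variable.

```c
int n;  /* replaces: size_t len; keep the signed return value so errors are detectable */
/* … unchanged: va_start and the vsnprintf()/vsprintf() call, now assigning to n … */
va_end(argp);
if (n < 0) {
    /* … unchanged: the #ifdef'd error message, printing n with %d … */
    return;
}
#ifdef HAVE_VSNPRINTF
if ((size_t)n >= sizeof(buf)) {
    /* %zu needs C99; on older toolchains cast to unsigned long and use %lu */
    fprintf(stderr, "vsnprintf() truncated string at %zu characters\n", sizeof(buf) - 1);
    n = (int)(sizeof(buf) - 1);  /* do not write the NUL terminator */
}
#endif
AG.fwrite(buf, sizeof(char), (size_t)n, fp);
```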