From 70296e1f530313283f9a48dd0ec467e5c280a79d Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Thu, 23 Oct 2008 19:59:05 +0000
Subject: Use snprintf instead of strcpy/strcat in many places

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20912 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/include/k5-platform.h | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'src/include')

diff --git a/src/include/k5-platform.h b/src/include/k5-platform.h
index 4a2b1aef7..279d6fd96 100644
--- a/src/include/k5-platform.h
+++ b/src/include/k5-platform.h
@@ -920,6 +920,22 @@ extern int asprintf(char **, const char *, ...)
 
 #endif /* have vasprintf and prototype? */
 
+/* Return true if the snprintf return value RESULT reflects a buffer
+   overflow for the buffer size SIZE.
+
+   We cast the result to unsigned int for two reasons.  First, old
+   implementations of snprintf (such as the one in Solaris 9 and
+   prior) return -1 on a buffer overflow.  Casting the result to -1
+   will convert that value to UINT_MAX, which should compare larger
+   than any reasonable buffer size.  Second, comparing signed and
+   unsigned integers will generate warnings with some compilers, and
+   can have unpredictable results, particularly when the relative
+   widths of the types is not known (size_t may be the same width as
+   int or larger).
+*/
+#define SNPRINTF_OVERFLOW(result, size) \
+    ((unsigned int)(result) >= (size_t)(size))
+
 #ifndef HAVE_MKSTEMP
 extern int krb5int_mkstemp(char *);
 #define mkstemp krb5int_mkstemp
-- 
cgit