prevent integer underflow

(not currently exploitable, ilja and i think)


svn:r3010
Roger Dingledine 2004-11-29 06:43:21 +00:00
parent 9811f68310
commit 185f047450


@ -122,6 +122,10 @@ static INLINE char *format_msg(char *buf, size_t buf_len,
size_t n; size_t n;
int r; int r;
char *end_of_prefix; char *end_of_prefix;
if (buf_len < 2) { /* prevent integer underflow */
tor_assert(0);
exit(1);
}
buf_len -= 2; /* subtract 2 characters so we have room for \n\0 */ buf_len -= 2; /* subtract 2 characters so we have room for \n\0 */
n = _log_prefix(buf, buf_len, severity); n = _log_prefix(buf, buf_len, severity);
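Review bot: The new guard still admits `buf_len == 2`, so after the subtraction `_log_prefix(buf, buf_len, severity)` is called with a length of 0. Whether `_log_prefix` and the remaining size arithmetic in format_msg tolerate a zero-length buffer is not visible here, because the function body continues outside the hunk. Please confirm that every later subtraction on `buf_len` is bounded the same way, or raise the minimum so that room for the prefix is guaranteed. The comment could also say why the wrap matters, e.g. `/* buf_len is size_t: buf_len - 2 would wrap to a huge value and defeat the later bounds checks */`. Separately, `tor_assert(0)` fires inside the logging path; if that macro itself logs, it is worth checking that it cannot re-enter format_msg with the same undersized buffer.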