clean up the previous underflow check, and also point out

yet another one that may be a problem. nick?


svn:r3016
This commit is contained in:
Roger Dingledine 2004-11-29 08:40:24 +00:00
parent c1dc17e6e2
commit 671a2de762

View File

@ -122,10 +122,8 @@ static INLINE char *format_msg(char *buf, size_t buf_len,
size_t n;
int r;
char *end_of_prefix;
if (buf_len < 2) { /* prevent integer underflow */
tor_assert(0);
exit(1);
}
tor_assert(buf_len >= 2); /* prevent integer underflow */
buf_len -= 2; /* subtract 2 characters so we have room for \n\0 */
n = _log_prefix(buf, buf_len, severity);
@ -141,7 +139,8 @@ static INLINE char *format_msg(char *buf, size_t buf_len,
r = tor_vsnprintf(buf+n,buf_len-n,format,ap);
if (r < 0) {
n = buf_len-2;
n = buf_len-2; /* XXX is this line redundant with the -=2 above,
and also a source of underflow danger? */
strlcpy(buf+buf_len-TRUNCATED_STR_LEN-1, TRUNCATED_STR,
buf_len-(buf_len-TRUNCATED_STR_LEN-1));
} else {