From e3da5ad6e3bcee7cb9b639296e186fbeda5a6d9c Mon Sep 17 00:00:00 2001 From: "teor (Tim Wilson-Brown)" Date: Mon, 1 Feb 2016 10:07:19 +1100 Subject: [PATCH] Replace incorrect use of snprintf in unit tests with tor_snprintf This avoids a potential out of bounds write. --- src/test/test_tortls.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index cbbd7dd3f3..98f5facc11 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -1808,9 +1808,10 @@ test_tortls_debug_state_callback(void *ignored) tor_tls_debug_state_callback(ssl, 32, 45); - n = snprintf(buf, 1000, "SSL %p is now in state unknown" + n = tor_snprintf(buf, 1000, "SSL %p is now in state unknown" " state [type=32,val=45].\n", ssl); - buf[n]='\0'; + /* tor's snprintf returns -1 on error */ + tt_int_op(n, OP_NE, -1); expect_log_msg(buf); done: