commit 508c4d93548ceb75dfdada53372e968b8dee0be9
author Chris Morgan <cmorgan@wpi.edu> Fri Feb 16 19:52:50 2001 +0000
committer Alexandre Julliard <julliard@winehq.org> Fri Feb 16 19:52:50 2001 +0000
tree 2b52132fc30bde8218842b7eabaf136afba56d26
parent 7fdceb2217154695cc2d71b56d7726805b69ddb6

Assert on output buffer overflow.

dlls/ntdll/debugtools.c

diff --git a/dlls/ntdll/debugtools.c b/dlls/ntdll/debugtools.c
index 9cc73b7..1e5ae58 100644
--- a/dlls/ntdll/debugtools.c
+++ b/dlls/ntdll/debugtools.c
@@ -2,6 +2,7 @@
  * Debugging functions
  */
 
+#include <assert.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -198,9 +199,17 @@
 int wine_dbg_vprintf( const char *format, va_list args )
 {
     struct debug_info *info = get_info();
+    char *p;
 
-    int ret = vsprintf( info->out_pos, format, args );
-    char *p = strrchr( info->out_pos, '\n' );
+    int ret = vsnprintf( info->out_pos, sizeof(info->output) - (info->out_pos - info->output),
+                         format, args );
+
+    /* make sure we didn't exceed the buffer length
+     * the two asserts are due to glibc changes in vsnprintfs return value */
+    assert( ret != -1 );
+    assert( ret < sizeof(info->output) - (info->out_pos - info->output) );
+
+    p = strrchr( info->out_pos, '\n' );
     if (!p) info->out_pos += ret;
     else
     {