clarify why strlcpy is safe in truncated log messages

svn:r3032
author: Nick Mathewson <nickm@torproject.org> 2004-11-30 06:15:06 +0000
committer: Nick Mathewson <nickm@torproject.org> 2004-11-30 06:15:06 +0000
commit: a3477223de716134745656503a6dc6645c92f967 (patch)
tree: 9caa8ded24a444a5d0bf2459d4b56ce109746f9e /src/common/log.c
parent: a5d3325c5c9e10ea94748d119069c1e90541a6e9 (diff)
download: tor-a3477223de716134745656503a6dc6645c92f967.tar
tor-a3477223de716134745656503a6dc6645c92f967.tar.gz
1 files changed, 4 insertions, 5 deletions
diff --git a/src/common/log.c b/src/common/log.c
index 4e5a69f1a..3a4f32e17 100644
--- a/src/common/log.c
+++ b/src/common/log.c
@@ -143,15 +143,14 @@ static INLINE char *format_msg(char *buf, size_t buf_len,
     /* The message was too long; overwrite the end of the buffer with
      * "[...truncated]" */
     if (buf_len >= TRUNCATED_STR_LEN) {
-      /* This is safe, since we have an extra character after buf_len
-         to hold the \0. */
-      strlcpy(buf+buf_len-TRUNCATED_STR_LEN, TRUNCATED_STR,
-              buf_len-(buf_len-TRUNCATED_STR_LEN-1));
+      int offset = buf_len-TRUNCATED_STR_LEN;
+      /* We have an extra 2 characters after buf_len to hold the \n\0,
+       * so it's safe to add 1 to the size here. */
+      strlcpy(buf+offset, TRUNCATED_STR, buf_len-offset+1);
     }
     /* Set 'n' to the end of the buffer, where we'll be writing \n\0.
      * Since we already subtracted 2 from buf_len, this is safe.*/
     n = buf_len;
-
   } else {
     n += r;
   }
author	Nick Mathewson <nickm@torproject.org>	2004-11-30 06:15:06 +0000
committer	Nick Mathewson <nickm@torproject.org>	2004-11-30 06:15:06 +0000
commit	a3477223de716134745656503a6dc6645c92f967 (patch)
tree	9caa8ded24a444a5d0bf2459d4b56ce109746f9e /src/common/log.c
parent	a5d3325c5c9e10ea94748d119069c1e90541a6e9 (diff)
download	tor-a3477223de716134745656503a6dc6645c92f967.tar tor-a3477223de716134745656503a6dc6645c92f967.tar.gz