From: Simon Ruderich <simon@ruderich.org>
Date: Tue, 6 Sep 2011 14:13:12 +0000 (+0200)
Subject: Check return value of snprintf().
X-Git-Url: https://ruderich.org/simon/gitweb/?p=tlsproxy%2Ftlsproxy.git;a=commitdiff_plain;h=a964f7f572ec43c2d2f143bdb4a467f1ea5dbc36

Check return value of snprintf().
---

diff --git a/src/connection.c b/src/connection.c
index 1d94d79..ed8a594 100644
--- a/src/connection.c
+++ b/src/connection.c
@@ -371,7 +371,16 @@ static int initialize_tls_session_client(int peer_socket,
             hostname);
         return -1;
     }
-    snprintf(path, sizeof(path), PROXY_SERVER_CERT_FORMAT, hostname);
+    result = snprintf(path, sizeof(path), PROXY_SERVER_CERT_FORMAT, hostname);
+    if (result < 0) {
+        LOG_PERROR(LOG_ERROR,
+                   "initialize_tls_session_client(): snprintf failed");
+        return -1;
+    } else if ((size_t)result >= sizeof(path)) {
+        LOG(LOG_ERROR,
+            "initialize_tls_session_client(): snprintf buffer too short");
+        return -1;
+    }
 
     result = gnutls_certificate_allocate_credentials(x509_cred);
     if (GNUTLS_E_SUCCESS != result) {
@@ -555,15 +564,26 @@ static void tls_send_invalid_cert_message(gnutls_session_t session) {
 #define RESPONSE_ERROR "500 Internal Server Error"
 #define RESPONSE_MSG   "Server certificate validation failed, check logs."
 
+    int result;
     char buffer[sizeof(HTTP_RESPONSE_FORMAT) - 1 /* '\0' */
                                              - 4 * 2 /* four %s */
                 + (sizeof(RESPONSE_ERROR) - 1 /* '\0' */) * 3
                 + sizeof(RESPONSE_MSG)    - 1 /* '\0' */
                 + 1 /* '\0' */];
 
-    snprintf(buffer, sizeof(buffer),
-             HTTP_RESPONSE_FORMAT,
-             RESPONSE_ERROR, RESPONSE_ERROR, RESPONSE_ERROR, RESPONSE_MSG);
+    result = snprintf(buffer, sizeof(buffer),
+                      HTTP_RESPONSE_FORMAT,
+                      RESPONSE_ERROR, RESPONSE_ERROR, RESPONSE_ERROR,
+                      RESPONSE_MSG);
+    if (result < 0) {
+        LOG_PERROR(LOG_ERROR,
+                   "tls_send_invalid_cert_message(): snprintf failed");
+        return;
+    } else if ((size_t)result >= sizeof(buffer)) {
+        LOG(LOG_ERROR,
+            "tls_send_invalid_cert_message(): snprintf buffer too short");
+        return;
+    }
 
     gnutls_record_send(session, buffer, sizeof(buffer) - 1);
                                         /* don't send trailing '\0' */
diff --git a/src/verify.c b/src/verify.c
index 5248dd6..63ca6da 100644
--- a/src/verify.c
+++ b/src/verify.c
@@ -157,6 +157,8 @@ int verify_tls_connection(gnutls_session_t session, const char *hostname) {
 
 int server_certificate_path(FILE **file, const char *hostname,
                             char *path, size_t size) {
+    int result;
+
     /* Hostname too long. */
     if (size - strlen(STORED_SERVER_CERT_FORMAT) <= strlen(hostname)) {
         LOG(LOG_WARNING,
@@ -171,7 +173,16 @@ int server_certificate_path(FILE **file, const char *hostname,
             hostname);
         return -1;
     }
-    snprintf(path, size, STORED_SERVER_CERT_FORMAT, hostname);
+    result = snprintf(path, size, STORED_SERVER_CERT_FORMAT, hostname);
+    if (result < 0) {
+        LOG_PERROR(LOG_ERROR,
+                   "server_certificate_path(): snprintf failed");
+        return -1;
+    } else if ((size_t)result >= size) {
+        LOG(LOG_ERROR,
+            "server_certificate_path(): snprintf buffer too short");
+        return -1;
+    }
 
     /* Open the stored certificate file. */
     *file = fopen(path, "rb");