Merge pull request #897 from spbnick/strlcpy_fix
authorAlan DeKok <aland@freeradius.org>
Tue, 3 Feb 2015 13:32:49 +0000 (08:32 -0500)
committerAlan DeKok <aland@freeradius.org>
Tue, 3 Feb 2015 13:32:49 +0000 (08:32 -0500)
log: Check message buffer length to avoid overflow

src/main/log.c

index 7470897..16d3faf 100644 (file)
@@ -311,6 +311,8 @@ void radlog_request(int lvl, int priority, REQUEST *request, const char *msg, ..
 
                if (len < sizeof(buffer)) {
                        len += strlcpy(buffer + len, fr_int2str(levels, (lvl & ~L_CONS), ": "), sizeof(buffer) - len);
+                       if (len >= sizeof(buffer))
+                               len = sizeof(buffer) - 1;
                }
        }