From 96e2f9f3a70a7c918772f7dde57c6cb8befbc60e Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Fri, 18 Jun 2010 09:18:27 +0200
Subject: [PATCH] snprintf() fixes, version 4.4.0
---
 .../credentials/ietf_attributes/ietf_attributes.c | 13 +++++++++++--
 src/libstrongswan/utils/identification.c | 12 ++++++++++++
 src/pluto/x509.c | 4 ++++
 3 files changed, 27 insertions(+), 2 deletions(-)
Index: strongswan/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c
===================================================================
--- strongswan.orig/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c 2010-06-24 20:43:01.000000000 +0200
+++ strongswan/src/libstrongswan/credentials/ietf_attributes/ietf_attributes.c 2010-06-24 20:45:07.000000000 +0200
@@ -159,7 +159,7 @@
 enumerator = this->list->create_enumerator(this->list);
 while (enumerator->enumerate(enumerator, &attr))
 {
- int written = 0;
+ int written;
 if (first)
 {
@@ -168,6 +168,10 @@
 else
 {
 written = snprintf(pos, len, ", ");
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
 pos += written;
 len -= written;
 }
@@ -194,8 +198,13 @@
 break;
 }
 default:
+ written = 0;
 break;
 }
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
 pos += written;
 len -= written;
 }
Index: strongswan/src/libstrongswan/utils/identification.c
===================================================================
--- strongswan.orig/src/libstrongswan/utils/identification.c 2010-06-24 20:43:01.000000000 +0200
+++ strongswan/src/libstrongswan/utils/identification.c 2010-06-24 20:44:09.348295306 +0200
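Review bot: In ietf_attributes.c (hunk at -159), dropping the initializer from `written` means the new `written < 0 || written >= len` check after the switch reads whatever the taken case left in it. On the `first` path nothing assigns it before the switch, and only `default:` is visibly given `written = 0;`. The other case bodies lie outside these hunks, so confirm that each of them assigns `written`, or keep `int written = 0;`, which costs nothing and stops a later-added case from feeding an indeterminate value into `pos += written`.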
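Review bot: In ietf_attributes.c (hunk at -168), the early `break` stops the loop without recording that the output was cut, so the caller gets a shorter attribute string that looks complete; when the `", "` separator is what overflows, snprintf() may already have stored its first byte, leaving a trailing comma. The code after the loop is outside the hunk, so whether truncation is reported there cannot be seen; if it is not, a flag or a log line at the break would help anyone relying on these strings in logs. A short comment such as `/* snprintf() returns the length it wanted to write; >= len means the output was truncated */` would also explain why the test is `>=` rather than `>`. The same check is repeated in the -194 hunk and in identification.c and x509.c.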
@@ -297,18 +297,30 @@
 {
 written = snprintf(buf, len,"%s=", oid_names[oid].name);
 }
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
 buf += written;
 len -= written;
 chunk_printable(data, &printable, '?');
 written = snprintf(buf, len, "%.*s", printable.len, printable.ptr);
 chunk_free(&printable);
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
 buf += written;
 len -= written;
 if (data.ptr + data.len != dn.ptr + dn.len)
 {
 written = snprintf(buf, len, ", ");
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
 buf += written;
 len -= written;
 }
Index: strongswan/src/pluto/x509.c
===================================================================
--- strongswan.orig/src/pluto/x509.c 2010-06-24 20:43:01.000000000 +0200
+++ strongswan/src/pluto/x509.c 2010-06-24 20:44:09.352296635 +0200
@@ -393,6 +393,10 @@
 {
 written = snprintf(pos, len, ", %Y", id);
 }
+ if (written < 0 || written >= len)
+ {
+ break;
+ }
 pos += written;
 len -= written;
 }
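Review bot: In identification.c, the context line `written = snprintf(buf, len, "%.*s", printable.len, printable.ptr);` passes `printable.len` as the `*` precision, which printf requires to be an `int`. If the chunk length is a `size_t` (its declaration is not in the hunk), this is undefined behaviour wherever `size_t` is wider than `int`, and the argument should be `(int)printable.len`. Relatedly, if `len` is unsigned in this function, `written >= len` compares across signedness and is correct only because `written < 0` is tested first; writing `(size_t)written >= len` would make that dependency explicit. The enclosing loop starts and ends outside the hunk.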
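Review bot: In x509.c, the guarded call uses `%Y`, which is not a standard conversion and is presumably served by a project-registered printf hook, so the new `written >= len` test only detects truncation if that hooked snprintf() still returns the full untruncated length as C99 specifies. Nothing in the hunk shows this, so it is worth confirming for each printf backend the build supports, and noting in a comment next to the check, for example `/* relies on C99 return semantics, also for the %Y hook */`. The enclosing loop and the other branch that sets `written` are outside the hunk.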