From 5ffa8c818120e35c89becd938d160235c069dd12 Mon Sep 17 00:00:00 2001
From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Tue, 27 Jan 2015 08:00:11 -0500
Subject: Add a snprinf wrapper which checks that the buffer was big enough

If we scale our buffer to be wide enough for the format string, we
should expect that the calculation was correct.

char_array_0() invocations are removed, since snprintf nul-terminates
the output in any case.

A similar wrapper is used for strftime calls, but only in timedatectl.c.
---
 src/libsystemd-terminal/subterm.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

(limited to 'src/libsystemd-terminal')

diff --git a/src/libsystemd-terminal/subterm.c b/src/libsystemd-terminal/subterm.c
index 7c119ac58a..63cd2a5ad6 100644
--- a/src/libsystemd-terminal/subterm.c
+++ b/src/libsystemd-terminal/subterm.c
@@ -161,16 +161,14 @@ static int output_write(Output *o, const void *buf, size_t size) {
 
 _printf_(3,0)
 static int output_vnprintf(Output *o, size_t max, const char *format, va_list args) {
-        char buf[4096];
+        char buf[max];
         int r;
 
         assert_return(o, -EINVAL);
         assert_return(format, -EINVAL);
-        assert_return(max <= sizeof(buf), -EINVAL);
+        assert_return(max <= 4096, -EINVAL);
 
-        r = vsnprintf(buf, max, format, args);
-        if (r > (ssize_t)max)
-                r = max;
+        r = MIN(vsnprintf(buf, max, format, args), (int) max);
 
         return output_write(o, buf, r);
 }
-- 
cgit v1.2.3-54-g00ecf