From bbc595bc456f198198ae96af6aa8b86ae2721e36 Mon Sep 17 00:00:00 2001
From: Adam Dickmeiss <adam@indexdata.dk>
Date: Tue, 5 Jun 2007 05:58:16 +0000
Subject: [PATCH] Fixed potential buffer overrun in yaz_log for YLOG_ERRNO
 messages.

---
 src/log.c |   12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/log.c b/src/log.c
index ab87c32..f358690 100644
--- a/src/log.c
+++ b/src/log.c
@@ -2,7 +2,7 @@
  * Copyright (C) 1995-2007, Index Data ApS
  * See the file LICENSE for details.
  *
- * $Id: log.c,v 1.51 2007-05-06 20:12:20 adam Exp $
+ * $Id: log.c,v 1.52 2007-06-05 05:58:16 adam Exp $
  */
 
 /**
@@ -439,9 +439,13 @@ void yaz_log(int level, const char *fmt, ...)
 
     if (o_level & YLOG_ERRNO)
     {
-        strcat(buf, " [");
-        yaz_strerror(buf+strlen(buf), 2048);
-        strcat(buf, "]");
+        int remain = sizeof(buf) - strlen(buf);
+        if (remain > 100) /* reasonable minimum space for error */
+        {
+            strcat(buf, " [");
+            yaz_strerror(buf+strlen(buf), remain-5); /* 5 due to extra [] */
+            strcat(buf, "]");
+        }
     }
     va_end (ap);
     if (start_hook_func)
-- 
1.7.10.4