Hi Istvan,
> + /*
> + * sizeof( buffer2 ) - 3 is room for CR/LF/NUL
> + */
> if( proc )
> - hb_snprintf( buffer2, sizeof( buffer2 ), "%s:%d:%s() %s %s",
> - file, line, proc, pszLevel, buffer1 );
> + n = hb_snprintf( buffer2, sizeof( buffer2 ) - 3, "%s:%d:%s() %s %s",
> + file, line, proc, pszLevel, buffer1 );
> else
> - hb_snprintf( buffer2, sizeof( buffer2 ), "%s:%d: %s %s",
> - file, line, pszLevel, buffer1 );
> + n = hb_snprintf( buffer2, sizeof( buffer2 ) - 3, "%s:%d: %s %s",
> + file, line, pszLevel, buffer1 );
>
> + /*
> + * Normalize buffer2 with ending CR/LF/NUL
> + */
> + p = buffer2;
> + p += (n < 0) ? sizeof( buffer2 ) - 3 : n;
> + while ( p > buffer2 && isspace( p[-1] ) )
> + {
> + *--p = '\0';
> + }
> + *p++ = '\r';
> + *p++ = '\n';
> + *p = '\0';
> +
Maybe I'm missing something but isn't hb_snprintf() _always_
closing string with a zero? If not, we have serious security
problems in hundreds of places in Harbour.
If this is the case, we should rather fix hb_snprintf(),
than this one specific call of it.
Also, shouldn't \r \n simply added to printf mask string?
Brgds,
Viktor
_______________________________________________
Harbour mailing list (attachment size limit: 40KB)
[email protected]
http://lists.harbour-project.org/mailman/listinfo/harbour
