From 55639a2dbc7b2fd5bca9f7068ae0153627e8a7fa Mon Sep 17 00:00:00 2001 From: Stefan Behrens <sbehrens@giantdisaster.de> Date: Tue, 21 Apr 2015 13:50:38 +0200 Subject: [PATCH] rsync: fix of-by-one in check of snprintf() result Signed-off-by: Stefan Behrens <sbehrens@giantdisaster.de> --- io.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/io.c b/io.c index b9a9bd082737..03e13d846fa0 100644 --- a/io.c +++ b/io.c @@ -2283,7 +2283,7 @@ void io_printf(int fd, const char *format, ...) if (len < 0) exit_cleanup(RERR_PROTOCOL); - if (len > (int)sizeof buf) { + if (len >= (int)sizeof buf) { rprintf(FERROR, "io_printf() was too long for the buffer.\n"); exit_cleanup(RERR_PROTOCOL); } -- 1.7.7
Thanks for pointing that out, and for the patch. I've applied it. Note that it works better to attach the patch to the ticket instead of paste it, as that preserves the tabs, making it easier to apply the patch.