commit 771fb7e7baa789c55ba15c4c26c8a4889ff9fe8d Author: Roger Dingledine arma@torproject.org Date: Thu Sep 14 02:52:00 2017 -0400
get rid of the scary 256-byte-buf landmine --- src/or/directory.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/src/or/directory.c b/src/or/directory.c index 0c79b4659..ba94c9747 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -3479,7 +3479,7 @@ static void write_http_status_line(dir_connection_t *conn, int status, const char *reason_phrase) { - char buf[256+RFC1123_TIME_LEN+1]; + char *buf = NULL; char *datestring = NULL;
if (!reason_phrase) { /* bullet-proofing */ @@ -3493,16 +3493,14 @@ write_http_status_line(dir_connection_t *conn, int status, tor_asprintf(&datestring, "Date: %s\r\n", datebuf); }
- if (tor_snprintf(buf, sizeof(buf), "HTTP/1.0 %d %s\r\n%s\r\n", - status, reason_phrase, datestring?datestring:"") < 0) { - log_warn(LD_BUG,"status line too long."); - tor_free(datestring); - return; - } - tor_free(datestring); + tor_asprintf(&buf, "HTTP/1.0 %d %s\r\n%s\r\n", + status, reason_phrase, datestring?datestring:"");
log_debug(LD_DIRSERV,"Wrote status 'HTTP/1.0 %d %s'", status, reason_phrase); connection_buf_add(buf, strlen(buf), TO_CONN(conn)); + + tor_free(datestring); + tor_free(buf); }
/** Write the header for an HTTP/1.0 response onto <b>conn</b>->outbuf,