commit 771fb7e7baa789c55ba15c4c26c8a4889ff9fe8d Author: Roger Dingledine <arma@torproject.org> Date: Thu Sep 14 02:52:00 2017 -0400 get rid of the scary 256-byte-buf landmine --- src/or/directory.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/src/or/directory.c b/src/or/directory.c index 0c79b4659..ba94c9747 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -3479,7 +3479,7 @@ static void write_http_status_line(dir_connection_t *conn, int status, const char *reason_phrase) { - char buf[256+RFC1123_TIME_LEN+1]; + char *buf = NULL; char *datestring = NULL; if (!reason_phrase) { /* bullet-proofing */ @@ -3493,16 +3493,14 @@ write_http_status_line(dir_connection_t *conn, int status, tor_asprintf(&datestring, "Date: %s\r\n", datebuf); } - if (tor_snprintf(buf, sizeof(buf), "HTTP/1.0 %d %s\r\n%s\r\n", - status, reason_phrase, datestring?datestring:"") < 0) { - log_warn(LD_BUG,"status line too long."); - tor_free(datestring); - return; - } - tor_free(datestring); + tor_asprintf(&buf, "HTTP/1.0 %d %s\r\n%s\r\n", + status, reason_phrase, datestring?datestring:""); log_debug(LD_DIRSERV,"Wrote status 'HTTP/1.0 %d %s'", status, reason_phrase); connection_buf_add(buf, strlen(buf), TO_CONN(conn)); + + tor_free(datestring); + tor_free(buf); } /** Write the header for an HTTP/1.0 response onto <b>conn</b>-\>outbuf,