From f4b9d3841b02daa9423a4d0657bcd31e0ba00094 Mon Sep 17 00:00:00 2001
From: Marko Lindqvist <cazfi74@gmail.com>
Date: Thu, 29 Sep 2022 23:58:08 +0300
Subject: [PATCH 42/42] Improve fc_vsnprintf() boundary checks

See osdn #45719

Signed-off-by: Marko Lindqvist <cazfi74@gmail.com>
---
 utility/support.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/utility/support.c b/utility/support.c
index af66f1bb47..2fafc32996 100644
--- a/utility/support.c
+++ b/utility/support.c
@@ -905,6 +905,12 @@ int fc_vsnprintf(char *str, size_t n, const char *format, va_list ap)
     static char *buf;
     size_t len;
 
+    if (n > VSNP_BUF_SIZE) {
+      fprintf(stderr, "fc_vsnprintf() call with length " SIZE_T_PRINTF "."
+              "Maximum supported is %d", n, VSNP_BUF_SIZE);
+      exit(EXIT_FAILURE);
+    }
+
     if (!buf) {
       buf = malloc(VSNP_BUF_SIZE);
 
@@ -914,12 +920,15 @@ int fc_vsnprintf(char *str, size_t n, const char *format, va_list ap)
         exit(EXIT_FAILURE);
       }
     }
+
+    buf[VSNP_BUF_SIZE - 1] = '\0';
+
 #ifdef HAVE_VSNPRINTF
     vsnprintf(buf, n, format, ap);
 #else
     vsprintf(buf, format, ap);
 #endif /* HAVE_VSNPRINTF */
-    buf[VSNP_BUF_SIZE - 1] = '\0';
+
     len = strlen(buf);
 
     if (len >= VSNP_BUF_SIZE - 1) {
-- 
2.35.1