From: gilles <gilles@openbsd.org>
Date: Tue, 6 Oct 2015 06:44:47 +0000 (+0000)
Subject: fix snprintf() error checking in token expansion code, these can't possibly
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=5fdf736d34e42b844ab403d71634983d0183bb9f;p=openbsd

fix snprintf() error checking in token expansion code, these can't possibly
fail but it's no excuse for getting the checks wrong.

spotted by qualys
---

diff --git a/usr.sbin/smtpd/lka_session.c b/usr.sbin/smtpd/lka_session.c
index 0996d66e236..f36642396ea 100644
--- a/usr.sbin/smtpd/lka_session.c
+++ b/usr.sbin/smtpd/lka_session.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: lka_session.c,v 1.70 2015/10/02 00:29:51 gilles Exp $	*/
+/*	$OpenBSD: lka_session.c,v 1.71 2015/10/06 06:44:47 gilles Exp $	*/
 
 /*
  * Copyright (c) 2011 Gilles Chehade <gilles@poolp.org>
@@ -623,19 +623,19 @@ lka_expand_token(char *dest, size_t len, const char *token,
 	/* token -> expanded token */
 	if (! strcasecmp("sender", rtoken)) {
 		if (snprintf(tmp, sizeof tmp, "%s@%s",
-			ep->sender.user, ep->sender.domain) <= 0)
+			ep->sender.user, ep->sender.domain) >= (int)sizeof tmp)
 			return 0;
 		string = tmp;
 	}
 	else if (! strcasecmp("dest", rtoken)) {
 		if (snprintf(tmp, sizeof tmp, "%s@%s",
-			ep->dest.user, ep->dest.domain) <= 0)
+			ep->dest.user, ep->dest.domain) >= (int)sizeof tmp)
 			return 0;
 		string = tmp;
 	}
 	else if (! strcasecmp("rcpt", rtoken)) {
 		if (snprintf(tmp, sizeof tmp, "%s@%s",
-			ep->rcpt.user, ep->rcpt.domain) <= 0)
+			ep->rcpt.user, ep->rcpt.domain) >= (int)sizeof tmp)
 			return 0;
 		string = tmp;
 	}