From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.4 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,
	T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4
Received: (qmail 20672 invoked from network); 8 Feb 2022 12:38:56 -0000
Received: from lists.zx2c4.com (165.227.139.114)
  by inbox.vuxu.org with ESMTPUTF8; 8 Feb 2022 12:38:56 -0000
Received: 
	by lists.zx2c4.com (OpenSMTPD) with ESMTP id d4aff422;
	Tue, 8 Feb 2022 12:38:39 +0000 (UTC)
Return-Path: <list@eworm.de>
Received: from mx.mylinuxtime.de (mx.mylinuxtime.de [195.201.174.144])
 by lists.zx2c4.com (OpenSMTPD) with ESMTPS id c3b0556a
 (TLSv1.3:AEAD-AES256-GCM-SHA384:256:NO) for <cgit@lists.zx2c4.com>;
 Tue, 8 Feb 2022 12:38:38 +0000 (UTC)
Received: from leda.eworm.net
 (p200300cF2F3eAF00810dB6a2e0BD9e14.dip0.t-ipconnect.de
 [IPv6:2003:cf:2f3e:af00:810d:b6a2:e0bd:9e14])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest
 SHA256) (No client certificate requested)
 by mx.mylinuxtime.de (Postfix) with ESMTPSA id 50CAE10D887;
 Tue,  8 Feb 2022 13:38:36 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=eworm.de; s=mail;
 t=1644323916;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 in-reply-to:in-reply-to:references:references;
 bh=uZND8GNpBMEhAL+RFEUnV79LyUdr/o1UPyvRsOb1F7o=;
 b=o2f4IyfxMb5ES3JWbUIE1odPRaZZWbHE+0f1xD9tenTCMgTffol3hxsy9OsYxCNG58Pys1
 x9kbL7dwqu10GE+Qz5OQlTXkmp0XhSwbiovd04p96VsZGfiZm7CKAa9K+VKbb4+Ohz/A6O
 ZabsTHJykciSO7PLjI8+neV2ghrvuhI=
Date: Tue, 8 Feb 2022 13:38:28 +0100
From: Christian Hesse <list@eworm.de>
To: lemon <lsof@mailbox.org>
Cc: cgit@lists.zx2c4.com
Subject: Re: [PATCH] html: fix fmt() off-by-one error
Message-ID: <20220208133828.103214c7@leda.eworm.net>
In-Reply-To: <20220208113745.13748-1-lsof@mailbox.org>
References: <20220208113745.13748-1-lsof@mailbox.org>
X-Mailer: Claws Mail 4.0.0 (GTK+ 3.24.31; x86_64-pc-linux-gnu)
X-Face: %O:rCSk<c"<MpJ:yn<>HSKf7^4uF|FD$9$I0}g$nbnS1{DYPvs#:,~e`).mzj\$P9]V!WCveE/XdbL,L!{)6v%x4<jA|JaB-SKm74~Wa1m;
 |\QFlOg>\Bt!b#{; dS&h"7l=ow'^({02!2%XOugod|u*mYBVm-OS:VpZ"ZrRA4[Q&zye,^j;
 ftj!Hxx\1@; LM)Pz)|B%1#sfF; s; ,N?*K*^)
Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAGFBMVEUZFRFENy6KVTKEd23CiGHeqofJvrX4+vdHgItOAAAACXBIWXMAAA3XAAAN1wFCKJt4AAACUklEQVQ4y2VUTZeqMAxNxXG2Io5uGd64L35unbF9ax0b3OLxgFs4PcLff0lBHeb1QIq5uelNCEJNq/TIFGyeC+iugH0WJr+B1MvzWASpuP4CYHOB0VfoDdddwA7OIFQIEHjXDiCtV5e9QX0WMu8AG0mB7g7WP4GqeqVdsi4vv/5kFBvaF/zD7zDquL4DxbrDGDyAsgNYOsJOYzth4Q9ZF6iLV+6TLAT1pi2kuvgAtZxSjoG8cL+8vIn251uoe1OOEWwbIPU04gHsmMsoxyyhYsD2FdIigF1yxaVbBuSOCAlCoX324I7wNMhrO1bhOLsRoA6DC6wQ5eQiSG5BiWQfM4gN+uItQTRDMaJUhVbGyKWCuaaUGSVFVKpl4PdoDn3yY8J+YxQxyhlHfoYOyPgyDcO+cSQK6Bvabjcy2nwRo3pxgA8jslnCuYw23ESOzHAPYwo4ITNQMaOO+RGPEGhSlPEZBh2jmBEjQ5cKbxmr0ruAe/WCriUxW76I8T3h7vqY5VR5wXLdERodg2rHEzdxxk5KpXTL4FwnarvndKM5/MWDY5CuBBdQ+3/0ivsUJHicuHd+Xh3jOdBL+FjSGq4SPCwco+orpWlERRTNo7BHCvbNXFVSIQMp+P5QsIL9upmr8kMTUOfxEHoanwzKRcNAe76WbjBwex/RkdHu48xT5YqP70DaMOhBcTHmAVDxLaBdle93oJy1QKFUh2GXT4am+YH/GGel1CeI98GdMXsytjCKIq/9cMrlgxFCROv+3/BU1fijNpcVD6DxE8VfLBaxUGr1D5usgDYdjwiPAAAAAElFTkSuQmCC
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="Sig_/uyjJ.8BIqEEQsb+4d6mxoNQ";
 protocol="application/pgp-signature"; micalg=pgp-sha256
Authentication-Results: mx.mylinuxtime.de;
 auth=pass smtp.auth=mail@eworm.de smtp.mailfrom=list@eworm.de
X-Rspamd-Server: mx
X-Stat-Signature: qk96jq37eskw4wdxhuyfspdbp6bcf7uc
X-Rspamd-Queue-Id: 50CAE10D887
X-Spamd-Result: default: False [-9.10 / 15.00]; ARC_NA(0.00)[];
 FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[];
 TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-3.00)[-1.000];
 MIME_GOOD(-0.20)[multipart/signed,text/plain];
 DKIM_SIGNED(0.00)[eworm.de:s=mail];
 NEURAL_HAM_SHORT(-1.00)[-1.000]; RCPT_COUNT_TWO(0.00)[2];
 SIGNED_PGP(-2.00)[]; RCVD_COUNT_ZERO(0.00)[0];
 FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~];
 ASN(0.00)[asn:3320, ipnet:2003::/19, country:DE];
 BAYES_HAM(-2.90)[99.59%]
X-BeenThere: cgit@lists.zx2c4.com
X-Mailman-Version: 2.1.30rc1
Precedence: list
List-Id: List for cgit developers and users <cgit.lists.zx2c4.com>
List-Unsubscribe: <https://lists.zx2c4.com/mailman/options/cgit>,
 <mailto:cgit-request@lists.zx2c4.com?subject=unsubscribe>
List-Archive: <http://lists.zx2c4.com/pipermail/cgit/>
List-Post: <mailto:cgit@lists.zx2c4.com>
List-Help: <mailto:cgit-request@lists.zx2c4.com?subject=help>
List-Subscribe: <https://lists.zx2c4.com/mailman/listinfo/cgit>,
 <mailto:cgit-request@lists.zx2c4.com?subject=subscribe>
Errors-To: cgit-bounces@lists.zx2c4.com
Sender: "CGit" <cgit-bounces@lists.zx2c4.com>

--Sig_/uyjJ.8BIqEEQsb+4d6mxoNQ
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

lemon <lsof@mailbox.org> on Tue, 2022/02/08 12:37:
> vsnprintf returns the byte count of the formatted output not including
> the null terminator, so in the case that len =3D=3D 1024 the last charact=
er
> of the output was being truncated and not detected by the later check.
> Changing the greater than comparison to greater than or equal fixes this
> edge case.

We already have that pending...
https://git.zx2c4.com/cgit/commit/?h=3Dch/html-fmt&id=3Dd828a623442e3fc3159=
e2c188a78e6fd4aca8af4
--=20
main(a){char*c=3D/*    Schoene Gruesse                         */"B?IJj;MEH"
"CX:;",b;for(a/*    Best regards             my address:    */=3D0;b=3Dc[a+=
+];)
putchar(b-1/(/*    Chris            cc -ox -xc - && ./x    */b/42*2-3)*42);}

--Sig_/uyjJ.8BIqEEQsb+4d6mxoNQ
Content-Type: application/pgp-signature
Content-Description: OpenPGP digital signature

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEXHmveYAHrRp+prOviUUh18yA9HYFAmICZEUACgkQiUUh18yA
9HaHSwf/YS8d0sNQpWwu+KUA9p2KJjoz6ZrWu8Itoxi/Aba2JQMOxk0O9E8+ZTTw
Ztvu2UUQsBU8zi13Le2DaZwLol8GqOTq+CTmV6zDI68Q6OnidxL3JoktpcYC5DHN
SKwH1f+xluP56p1T/mFIZ7Jo+zvVPCI7tvUBpDGkMQMjszMBoGsXMQa+xgjR96pl
RpJO0mexIpSoe1k9Fzvm13PpEmSCy5KnzBKYyCdteYuLSFwAzjsgFr+XzbMZ3c4S
sr4Cto+G1dLISLO4LPB4TsBc74l0BqllN64Cum7Xy5Y8nzZA6KH3rj+20CXzvHnf
kq+dzou+9z1kxr4HpbrA6tFo7cEFOw==
=IjpD
-----END PGP SIGNATURE-----

--Sig_/uyjJ.8BIqEEQsb+4d6mxoNQ--