From 4207df9cc84a2ad46e449960cfefffaee090bd95 Mon Sep 17 00:00:00 2001
From: erickson <erickson@9efc2488-bf62-4759-914b-345cdb29e865>
Date: Thu, 3 May 2007 15:10:06 +0000
Subject: [PATCH] committing scott m's buffer protection patch

git-svn-id: svn://svn.open-ils.org/OpenSRF/trunk@872 9efc2488-bf62-4759-914b-345cdb29e865
---
 src/libstack/osrf_app_session.c | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/libstack/osrf_app_session.c b/src/libstack/osrf_app_session.c
index e3bfe5c..2bc03da 100644
--- a/src/libstack/osrf_app_session.c
+++ b/src/libstack/osrf_app_session.c
@@ -188,22 +188,29 @@ osrf_app_session* osrf_app_client_session_init( char* remote_service ) {
 	session->transport_handle = osrf_system_get_transport_client();
 	if( session->transport_handle == NULL ) {
 		osrfLogWarning( OSRF_LOG_MARK, "No transport client for service 'client'");
+		free( session );
 		return NULL;
 	}
 
 	char target_buf[512];
-	memset(target_buf,0,512);
+	target_buf[ 0 ] = '\0';
 
 	osrfStringArray* arr = osrfNewStringArray(8);
 	osrfConfigGetValueList(NULL, arr, "/domains/domain");
 	char* domain = osrfStringArrayGetString(arr, 0);
 	char* router_name = osrfConfigGetValue(NULL, "/router_name");
 	
-	sprintf( target_buf, "%s@%s/%s",  router_name, domain, remote_service );
+	int len = snprintf( target_buf, 512, "%s@%s/%s",  router_name, domain, remote_service );
 	osrfStringArrayFree(arr);
 	//free(domain);
 	free(router_name);
 
+	if( len >= sizeof( target_buf ) ) {
+		osrfLogWarning( OSRF_LOG_MARK, "Buffer overflow for remote_id");
+		free( session );
+		return NULL;
+	}
+
 	session->request_queue = osrfNewList();
 	session->request_queue->freeItem = &_osrf_app_request_free;
 	session->remote_id = strdup(target_buf);
-- 
2.43.2