X-Git-Url: https://mattmccutchen.net/rsync/rsync.git/blobdiff_plain/ba35824322939b54352443461bc645c29f61cfb6..fcb69e5cdcfdfd0bdcea2127e5f4c9133a2282b9:/log.c diff --git a/log.c b/log.c index 3e4d65aa..e79bc220 100644 --- a/log.c +++ b/log.c @@ -30,6 +30,7 @@ static char *logfname; static FILE *logfile; static int log_error_fd = -1; +struct stats stats; int log_got_error=0; @@ -41,6 +42,7 @@ struct { { RERR_PROTOCOL , "protocol incompatibility" }, { RERR_FILESELECT , "errors selecting input/output files, dirs" }, { RERR_UNSUPPORTED, "requested action not supported" }, + { RERR_STARTCLIENT, "error starting client-server protocol" }, { RERR_SOCKETIO , "error in socket IO" }, { RERR_FILEIO , "error in file IO" }, { RERR_STREAMIO , "error in rsync protocol data stream" }, @@ -236,7 +238,11 @@ void rwrite(enum logcode code, char *buf, int len) return; } - /* if that fails, try to pass it to the other end */ + /* If that fails, try to pass it to the other end. + * + * io_multiplex_write can fail if we do not have a multiplexed + * connection at the moment, in which case we fall through and + * log locally instead. */ if (am_server && io_multiplex_write(code, buf, len)) { return; } @@ -286,10 +292,35 @@ void rprintf(enum logcode code, const char *format, ...) int len; va_start(ap, format); - len = vslprintf(buf, sizeof(buf), format, ap); + /* Note: might return -1 */ + len = vsnprintf(buf, sizeof(buf), format, ap); va_end(ap); - if (len > sizeof(buf)-1) exit_cleanup(RERR_MESSAGEIO); + /* Deal with buffer overruns. Instead of panicking, just + * truncate the resulting string. Note that some vsnprintf()s + * return -1 on truncation, e.g., glibc 2.0.6 and earlier. */ + if ((size_t) len > sizeof(buf)-1 || len < 0) { + const char ellipsis[] = "[...]"; + + /* Reset length, and zero-terminate the end of our buffer */ + len = sizeof(buf)-1; + buf[len] = '\0'; + + /* Copy the ellipsis to the end of the string, but give + * us one extra character: + * + * v--- null byte at buf[sizeof(buf)-1] + * abcdefghij0 + * -> abcd[...]00 <-- now two null bytes at end + * + * If the input format string has a trailing newline, + * we copy it into that extra null; if it doesn't, well, + * all we lose is one byte. */ + strncpy(buf+len-sizeof(ellipsis), ellipsis, sizeof(ellipsis)); + if (format[strlen(format)-1] == '\n') { + buf[len-1] = '\n'; + } + } rwrite(code, buf, len); } @@ -307,18 +338,23 @@ void rsyserr(enum logcode code, int errcode, const char *format, ...) { va_list ap; char buf[1024]; - int len, sys_len; + int len; + size_t sys_len; char *sysmsg; va_start(ap, format); - len = vslprintf(buf, sizeof(buf), format, ap); + /* Note: might return <0 */ + len = vsnprintf(buf, sizeof(buf), format, ap); va_end(ap); - if (len > sizeof(buf)-1) exit_cleanup(RERR_MESSAGEIO); + /* TODO: Put in RSYNC_NAME at the start. */ + + if ((size_t) len > sizeof(buf)-1) + exit_cleanup(RERR_MESSAGEIO); sysmsg = strerror(errcode); sys_len = strlen(sysmsg); - if (len + 3 + sys_len > sizeof(buf) - 1) + if ((size_t) len + 3 + sys_len > sizeof(buf) - 1) exit_cleanup(RERR_MESSAGEIO); strcpy(buf + len, ": "); @@ -375,12 +411,18 @@ static void log_formatted(enum logcode code, char buf[1024]; char buf2[1024]; char *p, *s, *n; - int l; + size_t l; extern struct stats stats; extern int am_sender; extern int am_daemon; int64 b; + /* We expand % codes one by one in place in buf. We don't + * copy in the terminating nul of the inserted strings, but + * rather keep going until we reach the nul of the format. + * Just to make sure we don't clobber that nul and therefore + * accidentally keep going, we zero the buffer now. */ + memset(buf, 0, sizeof buf); strlcpy(buf, format, sizeof(buf)); for (s=&buf[0]; @@ -392,18 +434,18 @@ static void log_formatted(enum logcode code, case 'h': if (am_daemon) n = client_name(0); break; case 'a': if (am_daemon) n = client_addr(0); break; case 'l': - slprintf(buf2,sizeof(buf2),"%.0f", + snprintf(buf2,sizeof(buf2),"%.0f", (double)file->length); n = buf2; break; case 'p': - slprintf(buf2,sizeof(buf2),"%d", + snprintf(buf2,sizeof(buf2),"%d", (int)getpid()); n = buf2; break; case 'o': n = op; break; case 'f': - slprintf(buf2, sizeof(buf2), "%s/%s", + snprintf(buf2, sizeof(buf2), "%s/%s", file->basedir?file->basedir:"", f_name(file)); clean_fname(buf2); @@ -422,7 +464,7 @@ static void log_formatted(enum logcode code, b = stats.total_read - initial_stats->total_read; } - slprintf(buf2,sizeof(buf2),"%.0f", (double)b); + snprintf(buf2,sizeof(buf2),"%.0f", (double)b); n = buf2; break; case 'c': @@ -433,26 +475,35 @@ static void log_formatted(enum logcode code, b = stats.total_read - initial_stats->total_read; } - slprintf(buf2,sizeof(buf2),"%.0f", (double)b); + snprintf(buf2,sizeof(buf2),"%.0f", (double)b); n = buf2; break; } - if (!n) continue; + /* n is the string to be inserted in place of this % + * code; l is its length not including the trailing + * NUL */ + if (!n) + continue; l = strlen(n); - if ((l-1) + ((int)(s - &buf[0])) > sizeof(buf)) { + if (l + ((int)(s - &buf[0])) >= sizeof(buf)) { rprintf(FERROR,"buffer overflow expanding %%%c - exiting\n", p[0]); exit_cleanup(RERR_MESSAGEIO); } + /* Shuffle the rest of the string along to make space for n */ if (l != 2) { memmove(s+(l-1), s+1, strlen(s+1)+1); } + + /* Copy in n but NOT its nul, because the format sting + * probably continues after this. */ memcpy(p, n, l); + /* Skip over inserted string; continue looking */ s = p+l; } @@ -516,20 +567,16 @@ void log_exit(int code, const char *file, int line) } } - - - -/* log the incoming transfer of a file for interactive use, this - will be called at the end where the client was run - - it i called when a file starts to be transferred -*/ +/* + * Log the incoming transfer of a file for interactive use, + * this will be called at the end where the client was run. + * Called when a file starts to be transferred. + */ void log_transfer(struct file_struct *file, const char *fname) { extern int verbose; if (!verbose) return; - rprintf(FINFO,"%s\n", fname); + rprintf(FINFO, "%s\n", fname); } -