From: Ralph Corderoy <ralph@inputplus.co.uk>
Date: Sat, 22 Oct 2016 14:53:51 +0000 (+0100)
Subject: Check advertise()'s iob[] isn't too short with assert(3).
X-Git-Url: https://diplodocus.org/git/nmh/commitdiff_plain/5b01163dec51496cc4c50648d6674d67f0092a33?ds=sidebyside;hp=1e424a2249aa6b911fd3be973de00cee413342eb

Check advertise()'s iob[] isn't too short with assert(3).

Using DIM(a) added to h/mh.h
---

diff --git a/h/mh.h b/h/mh.h
index 55825da0..67b71702 100644
--- a/h/mh.h
+++ b/h/mh.h
@@ -43,6 +43,9 @@ typedef unsigned char  boolean;  /* not int so we can pack in a structure */
 #define NMH_UNUSED(i) i
 #endif
 
+/* DIM gives the number of elements in the one-dimensional array a. */
+#define DIM(a) (sizeof (a) / sizeof (*(a)))
+
 /* LEN gives the strlen() of string constant s, excluding the
  * terminating NUL. */
 #define LEN(s) (sizeof (s) - 1)
diff --git a/sbr/error.c b/sbr/error.c
index 5dc84e87..d6d96851 100644
--- a/sbr/error.c
+++ b/sbr/error.c
@@ -70,7 +70,8 @@ advertise (const char *what, char *tail, const char *fmt, va_list ap)
 {
     int	eindex = errno;
     char buffer[BUFSIZ], errbuf[BUFSIZ], *err;
-    struct iovec iob[20], *iov;
+    struct iovec iob[10], *iov;
+    size_t niov;
 
     iov = iob;
 
@@ -112,9 +113,12 @@ advertise (const char *what, char *tail, const char *fmt, va_list ap)
 #undef ADD_LITERAL
 #undef ADD_VAR
 
+    niov = iov - iob;
+    assert(niov <= DIM(iob));
+
     fflush (stdout);
     fflush (stderr);
-    if (writev (fileno (stderr), iob, iov - iob) < 0) {
+    if (writev(fileno(stderr), iob, niov) == -1) {
         snprintf(buffer, sizeof buffer, "%s: write stderr failed: %d\n",
             invo_name && *invo_name ? invo_name : "nmh", errno);
         if (write(2, buffer, strlen(buffer)) == -1) {