fix potential buffer overflow in test-server logging function

diff --git a/tests/server/util.c b/tests/server/util.c
index af90597..8c43981 100644 (file)
--- a/tests/server/util.c
+++ b/tests/server/util.c
@@ -62,7 +62,7 @@ const struct in6_addr in6addr_any = {{ IN6ADDR_ANY_INIT }};
 void logmsg(const char *msg, ...)
 {
   va_list ap;
-  char buffer[512]; /* possible overflow if you pass in a huge string */
+  char buffer[2048 + 1];
   FILE *logfp;
   int error;
   struct timeval tv;
@@ -80,10 +80,10 @@ void logmsg(const char *msg, ...)
   now = localtime(&sec); /* not multithread safe but we don't care */
 
   snprintf(timebuf, sizeof(timebuf), "%02d:%02d:%02d.%06ld",
-           now->tm_hour, now->tm_min, now->tm_sec, tv.tv_usec);
+    (int)now->tm_hour, (int)now->tm_min, (int)now->tm_sec, (long)tv.tv_usec);
 
   va_start(ap, msg);
-  vsprintf(buffer, msg, ap);
+  vsnprintf(buffer, sizeof(buffer), msg, ap);
   va_end(ap);
 
   logfp = fopen(serverlogfile, "a");