From 23e9e0b1d2b6eb14d8cbd0adc005d7b707ab71e2 Mon Sep 17 00:00:00 2001
From: fyodor <fyodor@e0a8ed71-7df4-0310-8962-fdc924857419>
Date: Sat, 11 Aug 2007 05:56:10 +0000
Subject: [PATCH] merge soc07 r5225 - fix for systems which return -1 when
 vsnprintf doesn't have enough space rather than returning the amount of space
 needed.

---
 CHANGELOG |  4 ++++
 output.cc | 16 ++++++++++------
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 46aa9d3f1..06ca47dc7 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -3,6 +3,10 @@
 o Performed a bunch of OS fingerprint text canonicalization thanks to
   reports of dozens of capitalization inconsistencies from Suicidal Bob.
 
+o Fixed an output bug on systems like Windows which return -1 when
+  vsnprintf is passed a too-small buffer rather than returning the
+  size needed.  Thanks to jah (jah(a)zadkiel.plus.com) for the report.
+
 4.22SOC2
 
 o NSE compilation fixes by Stoiko and Kris
diff --git a/output.cc b/output.cc
index d0c0d3dc0..7c0cedb07 100644
--- a/output.cc
+++ b/output.cc
@@ -883,13 +883,17 @@ void log_vwrite(int logt, const char *fmt, va_list ap) {
       if (len == 0) {
 	va_end(apcopy);
 	return;
-      } else if (len < 0) {
-	fatal("vsnprintf returned %d in %s -- bizarre. Quitting.", len, __func__);
-      } else if (len >= writebuflen) {
+      } else if (len < 0 || len >= writebuflen) {
 	/* Didn't have enough space.  Expand writebuf and try again */
-	free(writebuf);
-	writebuflen = len + 1024;
-	writebuf = (char *) safe_malloc(writebuflen);
+	if (len >= writebuflen) {
+	  writebuflen = len + 1024;
+	} else {
+	  /* Windows seems to just give -1 rather than the amount of space we 
+	     would need.  So lets just gulp up a huge amount in the hope it
+	     will be enough */
+	  writebuflen *= 100;
+	}
+	writebuf = (char *) safe_realloc(writebuf, writebuflen);
 	len = vsnprintf(writebuf, writebuflen, fmt, apcopy);
 	if (len <= 0 || len >= writebuflen) {
 	  fatal("%s: vnsprintf failed.  Even after increasing bufferlen to %d, vsnprintf returned %d (logt == %d).  Please email this message to fyodor@insecure.org.  Quitting.", __func__, writebuflen, len, logt);