tal/str: fix infinite loop of tal_fmt() with empty string.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

diff --git a/ccan/tal/str/str.c b/ccan/tal/str/str.c
index 83dac663f7175d6c95a21a17f3337f61e26aebc0..7adb9ef5aefbf990067a1dc80569dbba6f679587 100644 (file)
--- a/ccan/tal/str/str.c
+++ b/ccan/tal/str/str.c
@@ -52,7 +52,7 @@ char *tal_fmt(const tal_t *ctx, const char *fmt, ...)
 static bool do_vfmt(char **buf, size_t off, const char *fmt, va_list ap)
 {
        /* A decent guess to start. */
-       size_t max = strlen(fmt) * 2;
+       size_t max = strlen(fmt) * 2 + 1;
        bool ok;
 
        for (;;) {

diff --git a/ccan/tal/str/test/run-fmt-terminate.c b/ccan/tal/str/test/run-fmt-terminate.c
new file mode 100644 (file)
index 0000000..9dfd001
--- /dev/null
+++ b/ccan/tal/str/test/run-fmt-terminate.c
@@ -0,0 +1,22 @@
+#include <ccan/tal/str/str.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <ccan/tal/str/str.c>
+#include <ccan/tap/tap.h>
+#include "helper.h"
+
+/* Empty format string: should still terminate! */
+int main(int argc, char *argv[])
+{
+       char *str;
+       const char *fmt = "";
+
+       plan_tests(1);
+       /* GCC complains about empty format string, complains about non-literal
+        * with no args... */
+       str = tal_fmt(NULL, fmt, "");
+       ok1(!strcmp(str, ""));
+       tal_free(str);
+
+       return exit_status();
+}