From 5be4a8436b98988944c909f7da5384078a843916 Mon Sep 17 00:00:00 2001
From: "C. McEnroe"
Date: Wed, 1 Jan 2020 17:08:46 -0500
Subject: Assert that SQL query fits in buffer
---
scoop.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/scoop.c b/scoop.c
index 0bf3230..bd1ef2d 100644
--- a/scoop.c
+++ b/scoop.c
@@ -14,6 +14,7 @@ * along with this program. If not, see . */ +#include #include #include #include
@@ -335,9 +336,10 @@ int main(int argc, char *argv[]) { errx(EX_CONFIG, "database out of date; migrate with litterbox -m"); } + int len; char sql[4096]; if (search) { - snprintf( + len = snprintf( sql, sizeof(sql), "WITH results AS (%s AND %s AND %s %s) %s;", Inner, Search, (where ? where : "true"), Limit,
@@ -345,12 +347,13 @@ int main(int argc, char *argv[]) { ); binds[n++] = Bind(":search", search, 0); } else { - snprintf( + len = snprintf( sql, sizeof(sql), "WITH results AS (%s AND %s %s) %s;", Inner, (where ? where : "true"), Limit, (group ? Group : Outer) ); } + assert((size_t)len < sizeof(sql)); sqlite3_stmt *stmt = dbPrepare(sql); for (int i = 0; i < n; ++i) {
-- cgit 1.4.1
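Review bot: The added `assert((size_t)len < sizeof(sql));` in the third hunk is the only guard against a truncated query, and `assert` compiles to nothing when the program is built with `NDEBUG`, so in such a build a cut-off statement would still reach `dbPrepare(sql)`. The query length depends on `where`, which appears to be assembled from input outside this hunk, so an over-long filter is a runtime condition rather than a programming invariant. A check that survives every build would be `if (len < 0 || (size_t)len >= sizeof(sql)) errx(EX_SOFTWARE, "SQL query too long");`, which also makes the `snprintf` error return explicit instead of relying on the cast wrapping to a large value. The body of `main` starts and ends outside the hunks shown.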