[Cryptography] [patch chacha20_drng 4/4] API: Make _versionstring return snprintf() errors

[Jason Cooper]

From: Jason Cooper <jason at lakedaemon.net>

snprintf() can fail or truncate when the user supplied data is incorrect
or insufficient.  We really should let the caller know when that
happens.

Signed-off-by: Jason Cooper <jason at lakedaemon.net>
---
 chacha20_drng.c | 4 ++--
 chacha20_drng.h | 9 ++++++++-
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/chacha20_drng.c b/chacha20_drng.c
index 468909042abb..971317448fc2 100644
--- a/chacha20_drng.c
+++ b/chacha20_drng.c
@@ -602,9 +602,9 @@ int drng_chacha20_get(struct chacha20_drng *drng, uint8_t *outbuf,
 	return 0;
 }
 
-void drng_chacha20_versionstring(char *buf, uint32_t buflen)
+int drng_chacha20_versionstring(char *buf, uint32_t buflen)
 {
-	snprintf(buf, buflen, "ChaCha20 DRNG %d.%d.%d",
+	return snprintf(buf, buflen, "ChaCha20 DRNG %d.%d.%d",
 		 MAJVERSION, MINVERSION, PATCHLEVEL);
 }
 
diff --git a/chacha20_drng.h b/chacha20_drng.h
index 3116731339af..2f05aad5e3ea 100644
--- a/chacha20_drng.h
+++ b/chacha20_drng.h
@@ -147,9 +147,16 @@ int drng_chacha20_reseed(struct chacha20_drng *drng, const uint8_t *inbuf,
  *
  * @buf: [out] buffer to place version string into
  * @buflen: [in] length of buffer
+ *
+ * @buf is filled with a string of the form "chacha20 DRNG X.Y.Z".  Care
+ * should be taken to provide a large enough buffer taking in to account that
+ * X, Y, and/or Z may be multiple characters.
+ *
+ * @return status of snprintf(3).  < 0 on error, otherwise length of written
+ * string.  See snprintf(3) for details on truncation.
  */
 DSO_PUBLIC
-void drng_chacha20_versionstring(char *buf, uint32_t buflen);
+int drng_chacha20_versionstring(char *buf, uint32_t buflen);
 
 /**
  * drng_chacha20_version() - return machine-usable version number of ChaCha20
-- 
2.9.2