From ee0c1cc1e4b87bde73f1eba3212ab93b1c379c6c Mon Sep 17 00:00:00 2001
From: Igor Ryzhov <iryzhov@nfware.com>
Date: Mon, 5 Feb 2024 19:04:39 +0200
Subject: [PATCH] lib: fix __darr_in_vsprintf

If the initial darr capacity is not enough for the output, the `ap` is
reused multiple times, which is wrong, because it may be altered by
`vsnprintf`. Make a copy of `ap` each time instead of reusing.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
---
 lib/darr.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/darr.c b/lib/darr.c
index f7a64fc3943f..4f3bd9fb67ab 100644
--- a/lib/darr.c
+++ b/lib/darr.c
@@ -58,6 +58,7 @@ char *__darr_in_vsprintf(char **sp, bool concat, const char *fmt, va_list ap)
 	size_t inlen = concat ? darr_strlen(*sp) : 0;
 	size_t capcount = strlen(fmt) + MIN(inlen + 64, 128);
 	ssize_t len;
+	va_list ap_copy;
 
 	darr_ensure_cap(*sp, capcount);
 
@@ -68,7 +69,9 @@ char *__darr_in_vsprintf(char **sp, bool concat, const char *fmt, va_list ap)
 	if (darr_len(*sp) == 0)
 		*darr_append(*sp) = 0;
 again:
-	len = vsnprintf(darr_last(*sp), darr_avail(*sp), fmt, ap);
+	va_copy(ap_copy, ap);
+	len = vsnprintf(darr_last(*sp), darr_avail(*sp), fmt, ap_copy);
+	va_end(ap_copy);
 	if (len < 0)
 		darr_in_strcat(*sp, fmt);
 	else if ((size_t)len < darr_avail(*sp))