File 0728-erl_interface-Avoid-warnings-about-safe-sprintf-usag.patch of Package erlang

From 9bd8dd986741cfd91ad7ef9e358601cf2ed94428 Mon Sep 17 00:00:00 2001
From: Frej Drejhammar <frej.drejhammar@gmail.com>
Date: Tue, 11 Apr 2023 12:28:11 +0200
Subject: [PATCH 2/2] erl_interface: Avoid warnings about safe sprintf usage
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

In erl_interface there are three uses of `sprintf` to construct host
name strings. GCC 12 gives a `‘%s’ directive writing up to 254 bytes
into a region of size between 1 and 256` warning at these locations,
as it isn't smart enough to see that the manual bounds check is
correct and that the write is safe.

By switching to `snprintf` and removing the manual size calculation of
the resulting string, we can both simplify the relevant code and avoid
the warnings.
---
 lib/erl_interface/src/connect/ei_connect.c | 4 ++--
 lib/erl_interface/src/prog/erl_call.c      | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/lib/erl_interface/src/connect/ei_connect.c b/lib/erl_interface/src/connect/ei_connect.c
index e5f1c307fd..3f2becde5a 100644
--- a/lib/erl_interface/src/connect/ei_connect.c
+++ b/lib/erl_interface/src/connect/ei_connect.c
@@ -1058,11 +1058,11 @@ int ei_connect_init_ussi(ei_cnode* ec, const char* this_node_name,
 	    strcpy(thishostname, hp->h_name);
 	}
     }
-    if (strlen(this_node_name) + 1 + strlen(thishostname) > MAXNODELEN) {
+    if (snprintf(thisnodename, sizeof(thisnodename), "%s@%s",
+                 this_node_name, thishostname) > sizeof(thisnodename)) {
         EI_TRACE_ERR0("ei_connect_init_ussi","this node name is too long");
         return ERL_ERROR;
     }
-    sprintf(thisnodename, "%s@%s", this_node_name, thishostname);
     res = ei_connect_xinit_ussi(ec, thishostname, thisalivename, thisnodename,
                                 (struct in_addr *)*hp->h_addr_list, cookie, creation,
                                 cbs, cbs_sz, setup_context);
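Review bot: The truncation test in the new `snprintf` condition is off by one. `snprintf` returns the length it would have written, not counting the terminating NUL, so a return value equal to `sizeof(thisnodename)` means the last character was dropped; `> sizeof(thisnodename)` accepts that case and a silently truncated node name is passed on to `ei_connect_xinit_ussi`. The comparison should be `>=`, and because the `int` result is compared with a `size_t`, storing it and testing `n < 0 || (size_t)n >= sizeof(thisnodename)` makes the error case explicit instead of relying on the unsigned conversion. The same `>` comparison appears in both `erl_call.c` hunks (on `h_nodename_buf` and on `nodename`). The function starts and ends outside this hunk, so the declared size of `thisnodename` is not visible here.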
diff --git a/lib/erl_interface/src/prog/erl_call.c b/lib/erl_interface/src/prog/erl_call.c
index 4548b9f4dd..1fb72c65cb 100644
--- a/lib/erl_interface/src/prog/erl_call.c
+++ b/lib/erl_interface/src/prog/erl_call.c
@@ -441,11 +441,11 @@ int main(int argc, char *argv[])
 
       memcpy(&h_ipadr.s_addr, *hp->h_addr_list, sizeof(struct in_addr));
       if (h_alivename) {
-          if (strlen(h_alivename) + strlen(h_hostname) + 2 > sizeof(h_nodename_buf)) {
+          if (snprintf(h_nodename_buf, sizeof(h_nodename_buf), "%s@%s",
+                       h_alivename, h_hostname) > sizeof(h_nodename_buf)) {;
               fprintf(stderr,"erl_call: hostname too long: %s\n", h_hostname);
               exit_free_flags_fields(1, &flags);
           }
-          sprintf(h_nodename, "%s@%s", h_alivename, h_hostname);
       }
       else {
           /* dynamic node name */
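Review bot: The formatted name is now written to `h_nodename_buf`, whereas the removed `sprintf` wrote to `h_nodename`. The two are equivalent only if `h_nodename` points at `h_nodename_buf`, which this hunk does not show, so that is worth confirming before relying on `h_nodename` further down. The condition line also ends in `{;`, leaving a stray empty statement that should be dropped. `main` continues outside the hunk.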
@@ -490,11 +490,11 @@ int main(int argc, char *argv[])
     }
 
     if (flags.port == -1) {
-        if (strlen(flags.node) + strlen(host_name) + 2 > sizeof(nodename)) {
+        if (snprintf(nodename, sizeof(nodename),
+                     "%s@%s", flags.node, host_name) > sizeof(nodename)) {
             fprintf(stderr,"erl_call: nodename too long: %s\n", flags.node);
             exit_free_flags_fields(1, &flags);
         }
-        sprintf(nodename, "%s@%s", flags.node, host_name);
     }
     /* 
      * Try to connect. Start an Erlang system if the
-- 
2.35.3
