Overview

File s390-tools-sles15-Fix-truncation-warning.patch of Package s390-tools.12090

From 1261105fe238ad306db29a9d47bb1a293bddf9aa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20H=C3=B6ppner?= <hoeppner@linux.vnet.ibm.com>
Date: Mon, 16 Oct 2017 15:46:07 +0200
Subject: [PATCH] dasdinfo: Fix truncation warning
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Commit 3c80f7e025db ("dasdinfo: fix buffer overflow warning") changed a
sprintf call to snprintf to avoid a buffer overflow warning. However,
GCC 7 now warns about a potential truncation with snprintf:

dasdinfo.c: In function 'main':
dasdinfo.c:577:18: warning: '%s' directive output may be truncated
writing up to 255 bytes into a region of size 69 [-Wformat-truncation=]
      "/sys/block/%s/device/uid", dir_entry->d_name);
                  ^~
dasdinfo.c:576:4: note: 'snprintf' output between 23 and 278 bytes into
a destination of size 80
    snprintf(*uidfile, RD_BUFFER_SIZE,
    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      "/sys/block/%s/device/uid", dir_entry->d_name);
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

We could get around this by increasing the buffer. Though, the current
buffer size is already plenty and we know better anyway.
Avoid the warning by simply checking the return value of snprintf and
display an error in case data was truncated nonetheless.

Fixes: 3c80f7e025db ("dasdinfo: fix buffer overflow warning")
Signed-off-by: Jan Höppner <hoeppner@linux.vnet.ibm.com>
Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
---
 dasdinfo/dasdinfo.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/dasdinfo/dasdinfo.c b/dasdinfo/dasdinfo.c
index c8bda3b..f881f03 100644
--- a/dasdinfo/dasdinfo.c
+++ b/dasdinfo/dasdinfo.c
@@ -545,6 +545,7 @@ static int dinfo_get_uid_from_devnode(char **uidfile, char *devnode)
 	char *readbuf;
 	DIR *directory = NULL;
 	struct dirent *dir_entry = NULL;
+	int rc = 0;
 
 	if (stat(devnode, &stat_buffer) != 0) {
 		printf("Error: could not stat %s\n", devnode);
@@ -573,8 +574,15 @@ static int dinfo_get_uid_from_devnode(char **uidfile, char *devnode)
 
 		if (strncmp(stat_dev, readbuf,
 			    MAX(strlen(stat_dev), strlen(readbuf)-1)) == 0) {
-			snprintf(*uidfile, RD_BUFFER_SIZE,
-				 "/sys/block/%s/device/uid", dir_entry->d_name);
+			rc = snprintf(*uidfile, RD_BUFFER_SIZE,
+				      "/sys/block/%s/device/uid",
+				      dir_entry->d_name);
+			if (rc >= RD_BUFFER_SIZE) {
+				fprintf(stderr,
+					"Error: Device name was truncated\n");
+				return -1;
+			}
+
 			break;
 		}
 	}
-- 
1.7.12.4
openSUSE Build Service is sponsored by
Places