On Mon, 4 Feb 2019 10:59:42 +0100 Anisse Astier <aastier@xxxxxxxxxx> wrote: > GCC 8.2 gives this warning: > > builtin-run.c: In function ‘kvm_run_write_sandbox_cmd.isra.1’: > builtin-run.c:417:28: error: ‘%s’ directive output may be truncated > writing up to 4095 bytes into a region of size 4091 > [-Werror=format-truncation=] snprintf(dst, len, "/host%s", > resolved_path); ^~ ~~~~~~~~~~~~~ > > It's because it understands that len is PATH_MAX, the same as > resolved_path's size. This patch handles the case where the string is > truncated, and fixes the warning. > > Signed-off-by: Anisse Astier <aastier@xxxxxxxxxx> Reviewed-by: Andre Przywara <andre.przywara@xxxxxxx> Thanks, Andre, > --- > builtin-run.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/builtin-run.c b/builtin-run.c > index 82e2b2e..463a481 100644 > --- a/builtin-run.c > +++ b/builtin-run.c > @@ -414,7 +414,9 @@ static void resolve_program(const char *src, char *dst, size_t len) > if (!realpath(src, resolved_path)) > die("Unable to resolve program %s: %s\n", src, strerror(errno)); > - snprintf(dst, len, "/host%s", resolved_path); > + if (snprintf(dst, len, "/host%s", resolved_path) >= (int)len) > + die("Pathname too long: %s -> %s\n", src, resolved_path); > + > } else > strncpy(dst, src, len); > }
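Review bot: the new check on the snprintf() line only catches truncation; a negative return from snprintf() (an output error) passes `>= (int)len`, and dst is then used with unspecified contents. Storing the result in an int and dying on `ret < 0 || (size_t)ret >= len` covers both cases and avoids narrowing len to int. The added blank line before `} else` looks stray and could be dropped. The unchanged `strncpy(dst, src, len)` in the else branch has the same class of problem: it leaves dst without a terminating NUL when src is len bytes or longer, so it deserves an equivalent length check in this patch or a follow-up.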