[PATCH nft] src: osf: fix snprintf -Wformat-truncation warning

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Fedora 30 uses very recent gcc (version 9.1.1 20190503 (Red Hat 9.1.1-1)),
osf produces following warnings:

-Wformat-truncation warning have been introduced in the version 7.1 of gcc.
Also, remove a unneeded address check of "tmp + 1" in nf_osf_strchr().

nfnl_osf.c: In function ‘nfnl_osf_load_fingerprints’:
nfnl_osf.c:292:39: warning: ‘%s’ directive output may be truncated writing
up to 1023 bytes into a region of size 128 [-Wformat-truncation=]
  292 |   cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg);
      |                                       ^~
nfnl_osf.c:292:9: note: ‘snprintf’ output between 2 and 1025 bytes into a
destination of size 128
  292 |   cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
nfnl_osf.c:302:46: warning: ‘%s’ directive output may be truncated writing
up to 1023 bytes into a region of size 32 [-Wformat-truncation=]
  302 |    cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg);
      |                                              ^~
nfnl_osf.c:302:10: note: ‘snprintf’ output between 1 and 1024 bytes into a
destination of size 32
  302 |    cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg);
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
nfnl_osf.c:309:49: warning: ‘%s’ directive output may be truncated writing
up to 1023 bytes into a region of size 32 [-Wformat-truncation=]
  309 |   cnt = snprintf(f.version, sizeof(f.version), "%s", pbeg);
      |                                                 ^~
nfnl_osf.c:309:9: note: ‘snprintf’ output between 1 and 1024 bytes into a
destination of size 32
  309 |   cnt = snprintf(f.version, sizeof(f.version), "%s", pbeg);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
nfnl_osf.c:317:47: warning: ‘%s’ directive output may be truncated writing
up to 1023 bytes into a region of size 32 [-Wformat-truncation=]
  317 |       snprintf(f.subtype, sizeof(f.subtype), "%s", pbeg);
      |                                               ^~
nfnl_osf.c:317:7: note: ‘snprintf’ output between 1 and 1024 bytes into a
destination of size 32
  317 |       snprintf(f.subtype, sizeof(f.subtype), "%s", pbeg);
      |       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Reported-by: Florian Westphal <fw@xxxxxxxxx>
Signed-off-by: Fernando Fernandez Mancera <ffmancera@xxxxxxxxxx>
---
 src/nfnl_osf.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/nfnl_osf.c b/src/nfnl_osf.c
index be3fd81..c99f8f3 100644
--- a/src/nfnl_osf.c
+++ b/src/nfnl_osf.c
@@ -81,7 +81,7 @@ static char *nf_osf_strchr(char *ptr, char c)
 	if (tmp)
 		*tmp = '\0';
 
-	while (tmp && tmp + 1 && isspace(*(tmp + 1)))
+	while (tmp && isspace(*(tmp + 1)))
 		tmp++;
 
 	return tmp;
@@ -212,7 +212,7 @@ static int osf_load_line(char *buffer, int len, int del,
 			 struct netlink_ctx *ctx)
 {
 	int i, cnt = 0;
-	char obuf[MAXOPTSTRLEN];
+	char obuf[MAXOPTSTRLEN + 1];
 	struct nf_osf_user_finger f;
 	char *pbeg, *pend;
 	struct nlmsghdr *nlh;
@@ -289,7 +289,7 @@ static int osf_load_line(char *buffer, int len, int del,
 	pend = nf_osf_strchr(pbeg, OSFPDEL);
 	if (pend) {
 		*pend = '\0';
-		cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg);
+		cnt = snprintf(obuf, sizeof(obuf), "%.128s", pbeg);
 		pbeg = pend + 1;
 	}
 
@@ -297,16 +297,16 @@ static int osf_load_line(char *buffer, int len, int del,
 	if (pend) {
 		*pend = '\0';
 		if (pbeg[0] == '@' || pbeg[0] == '*')
-			cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg + 1);
+			cnt = snprintf(f.genre, sizeof(f.genre), "%.31s", pbeg + 1);
 		else
-			cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg);
+			cnt = snprintf(f.genre, sizeof(f.genre), "%.31s", pbeg);
 		pbeg = pend + 1;
 	}
 
 	pend = nf_osf_strchr(pbeg, OSFPDEL);
 	if (pend) {
 		*pend = '\0';
-		cnt = snprintf(f.version, sizeof(f.version), "%s", pbeg);
+		cnt = snprintf(f.version, sizeof(f.version), "%.31s", pbeg);
 		pbeg = pend + 1;
 	}
 
@@ -314,7 +314,7 @@ static int osf_load_line(char *buffer, int len, int del,
 	if (pend) {
 		*pend = '\0';
 		cnt =
-		    snprintf(f.subtype, sizeof(f.subtype), "%s", pbeg);
+		    snprintf(f.subtype, sizeof(f.subtype), "%.31s", pbeg);
 		pbeg = pend + 1;
 	}
 
-- 
2.20.1




[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux