[ulogd2 PATCH v3 23/30] db: improve mapping of input-keys to DB columns

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hitherto, we copied the key-name to a buffer, iterated over it to
replace the full-stops with underscores, using `strchr` from the start
of the buffer on each iteration, then appended the buffer to the SQL
statement.

Apart from the inefficiency, `strncpy` was used to do the copies, which
led gcc to complain:

  ../../util/db.c:118:25: warning: `strncpy` output may be truncated copying 31 bytes from a string of length 31

Furthermore, the buffer was one character too short and so there was the
possibility of overruns.

Instead, we now append the key-name directly to the statement using
`sprintf`, and run `strchr` from the last underscore on each iteration.

Signed-off-by: Jeremy Sowden <jeremy@xxxxxxxxxx>
---
 util/db.c | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/util/db.c b/util/db.c
index 2dbe0db2fbfe..339e39ef4797 100644
--- a/util/db.c
+++ b/util/db.c
@@ -96,8 +96,6 @@ static int sql_createstmt(struct ulogd_pluginstance *upi)
 	    (procedure[strlen("INSERT")] == '\0' ||
 			procedure[strlen("INSERT")] == ' ')) {
 		char *stmt_val = mi->stmt;
-		char buf[ULOGD_MAX_KEYLEN];
-		char *underscore;
 
 		if(procedure[6] == '\0') {
 			/* procedure == "INSERT" */
@@ -112,13 +110,18 @@ static int sql_createstmt(struct ulogd_pluginstance *upi)
 			stmt_val += sprintf(stmt_val, "%s (", procedure);
 
 		for (i = 0; i < upi->input.num_keys; i++) {
+			char *underscore;
+
 			if (upi->input.keys[i].flags & ULOGD_KEYF_INACTIVE)
 				continue;
 
-			strncpy(buf, upi->input.keys[i].name, ULOGD_MAX_KEYLEN);	
-			while ((underscore = strchr(buf, '.')))
+			underscore = stmt_val;
+
+			stmt_val += sprintf(stmt_val, "%s,",
+					    upi->input.keys[i].name);
+
+			while ((underscore = strchr(underscore, '.')))
 				*underscore = '_';
-			stmt_val += sprintf(stmt_val, "%s,", buf);
 		}
 		*(stmt_val - 1) = ')';
 
-- 
2.33.0




[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux