diff options
author | Ross Zwisler <ross.zwisler@linux.intel.com> | 2017-12-07 14:35:03 -0700 |
---|---|---|
committer | Eryu Guan <eguan@redhat.com> | 2017-12-10 17:46:05 +0800 |
commit | d79448aefec98fbc32b1ec0bcf30a2dd3c122be1 (patch) | |
tree | 43aee8a40ee3fbb1b5a4c2dbf5fe5c44d49558f0 | |
parent | ce00907d09db3147423485e60db217a3335dfbd8 (diff) | |
download | xfstests-d79448aefec98fbc32b1ec0bcf30a2dd3c122be1.tar.gz |
build: fix Wlog_Error_String overflow issues
The 'Wlog_Error_String' string is defined to be 256 bytes in length,
but in two places we write into it with a format that contains a
string (wfile->w_file) that has length 1024. This can overflow
Wlog_Error_String, as we see in the new compiler warnings from gcc
7.2.1:
write_log.c:124:37: warning: ā%sā directive writing up to 1023 bytes into
a region of size 224 [-Wformat-overflow=]
"Could not open write_log - open(%s, %#o, %#o) failed: %s\n",
^~
Fix this by increasing the length of Wlog_Error_String to 1280
characters (1024 for wfile->w_file plus 256 for the rest of the
format string), and by using snprintf() instead of sprintf() so we
are sure we don't overflow.
Signed-off-by: Ross Zwisler <ross.zwisler@linux.intel.com>
Reviewed-by: Eryu Guan <eguan@redhat.com>
Signed-off-by: Eryu Guan <eguan@redhat.com>
-rw-r--r-- | lib/write_log.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/write_log.c b/lib/write_log.c index 8c921fc542..3bfa8c7b30 100644 --- a/lib/write_log.c +++ b/lib/write_log.c @@ -73,7 +73,8 @@ /*#define PATH_MAX pathconf("/", _PC_PATH_MAX)*/ #endif -char Wlog_Error_String[256]; +#define ERROR_STRING_LEN 1280 +char Wlog_Error_String[ERROR_STRING_LEN]; #if __STDC__ static int wlog_rec_pack(struct wlog_rec *wrec, char *buf, int flag); @@ -120,7 +121,7 @@ int mode; umask(omask); if (wfile->w_afd == -1) { - sprintf(Wlog_Error_String, + snprintf(Wlog_Error_String, ERROR_STRING_LEN, "Could not open write_log - open(%s, %#o, %#o) failed: %s\n", wfile->w_file, oflags, mode, strerror(errno)); return -1; @@ -132,7 +133,7 @@ int mode; oflags = O_RDWR; if ((wfile->w_rfd = open(wfile->w_file, oflags)) == -1) { - sprintf(Wlog_Error_String, + snprintf(Wlog_Error_String, ERROR_STRING_LEN, "Could not open write log - open(%s, %#o) failed: %s\n", wfile->w_file, oflags, strerror(errno)); close(wfile->w_afd); |