From: Fernando Fernandez Mancera <ffmancera@riseup.net>
To: Phil Sutter <phil@nwl.cc>
Cc: netfilter-devel@vger.kernel.org, Florian Westphal <fw@strlen.de>
Subject: Re: [PATCH nft] src: osf: fix snprintf -Wformat-truncation warning
Date: Sun, 21 Jul 2019 11:59:14 +0200 [thread overview]
Message-ID: <00a4ebbb-a571-b00a-83ac-ad198ccbd263@riseup.net> (raw)
In-Reply-To: <20190720202157.GB22661@orbyte.nwl.cc>
Hi Phil,
On 7/20/19 10:21 PM, Phil Sutter wrote:
> Hi Fernando,
>
> On Thu, Jul 18, 2019 at 01:01:46PM +0200, Fernando Fernandez Mancera wrote:
>> Fedora 30 uses very recent gcc (version 9.1.1 20190503 (Red Hat 9.1.1-1)),
>> osf produces following warnings:
>>
>> -Wformat-truncation warning have been introduced in the version 7.1 of gcc.
>> Also, remove a unneeded address check of "tmp + 1" in nf_osf_strchr().
>>
>> nfnl_osf.c: In function ‘nfnl_osf_load_fingerprints’:
>> nfnl_osf.c:292:39: warning: ‘%s’ directive output may be truncated writing
>> up to 1023 bytes into a region of size 128 [-Wformat-truncation=]
>> 292 | cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg);
>> | ^~
>> nfnl_osf.c:292:9: note: ‘snprintf’ output between 2 and 1025 bytes into a
>> destination of size 128
>> 292 | cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg);
>> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> nfnl_osf.c:302:46: warning: ‘%s’ directive output may be truncated writing
>> up to 1023 bytes into a region of size 32 [-Wformat-truncation=]
>> 302 | cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg);
>> | ^~
>> nfnl_osf.c:302:10: note: ‘snprintf’ output between 1 and 1024 bytes into a
>> destination of size 32
>> 302 | cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg);
>> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> nfnl_osf.c:309:49: warning: ‘%s’ directive output may be truncated writing
>> up to 1023 bytes into a region of size 32 [-Wformat-truncation=]
>> 309 | cnt = snprintf(f.version, sizeof(f.version), "%s", pbeg);
>> | ^~
>> nfnl_osf.c:309:9: note: ‘snprintf’ output between 1 and 1024 bytes into a
>> destination of size 32
>> 309 | cnt = snprintf(f.version, sizeof(f.version), "%s", pbeg);
>> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>> nfnl_osf.c:317:47: warning: ‘%s’ directive output may be truncated writing
>> up to 1023 bytes into a region of size 32 [-Wformat-truncation=]
>> 317 | snprintf(f.subtype, sizeof(f.subtype), "%s", pbeg);
>> | ^~
>> nfnl_osf.c:317:7: note: ‘snprintf’ output between 1 and 1024 bytes into a
>> destination of size 32
>> 317 | snprintf(f.subtype, sizeof(f.subtype), "%s", pbeg);
>> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>
>> Reported-by: Florian Westphal <fw@strlen.de>
>> Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
>> ---
>> src/nfnl_osf.c | 14 +++++++-------
>> 1 file changed, 7 insertions(+), 7 deletions(-)
>>
>> diff --git a/src/nfnl_osf.c b/src/nfnl_osf.c
>> index be3fd81..c99f8f3 100644
>> --- a/src/nfnl_osf.c
>> +++ b/src/nfnl_osf.c
>> @@ -81,7 +81,7 @@ static char *nf_osf_strchr(char *ptr, char c)
>> if (tmp)
>> *tmp = '\0';
>>
>> - while (tmp && tmp + 1 && isspace(*(tmp + 1)))
>> + while (tmp && isspace(*(tmp + 1)))
>> tmp++;
>>
>> return tmp;
>> @@ -212,7 +212,7 @@ static int osf_load_line(char *buffer, int len, int del,
>> struct netlink_ctx *ctx)
>> {
>> int i, cnt = 0;
>> - char obuf[MAXOPTSTRLEN];
>> + char obuf[MAXOPTSTRLEN + 1];
>> struct nf_osf_user_finger f;
>> char *pbeg, *pend;
>> struct nlmsghdr *nlh;
>> @@ -289,7 +289,7 @@ static int osf_load_line(char *buffer, int len, int del,
>> pend = nf_osf_strchr(pbeg, OSFPDEL);
>> if (pend) {
>> *pend = '\0';
>> - cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg);
>> + cnt = snprintf(obuf, sizeof(obuf), "%.128s", pbeg);
>
> Not a big deal, but sizeof() and hard-coding the "precision" doesn't mix
> well in my opinion. I've solved this like so:
>
> i = sizeof(obuf);
> cnt = snprintf(obuf, i, "%.*s,", i - 2, pbeg);
>
> (i - 2) to leave space for the trailing comma and nul-char. Also note
> that your patch drops the trailing comma, I guess that's a bug.
>
Oh! I am really happy that you spotted the missing trailing comma,
thanks! :-)
> Maybe you want to have a look at my patch (Message-ID
> 20190720185226.8876-2-phil@nwl.cc) and incorporate what's useful into
> yours? It's your code, so you should know better how to fix things. :)
>
> Thanks, Phil
>
I think your code is more readable than mine. I am going to send a v2
patch with your code but also adding the following fix.
- while (tmp && tmp + 1 && isspace(*(tmp + 1)))
+ while (tmp && isspace(*(tmp + 1)))
I am going to send a similar patch for the iptables tree because this
file was imported from iptables.git/utils/nfnl_osf.c.
Thanks!
next prev parent reply other threads:[~2019-07-21 9:59 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-18 11:01 [PATCH nft] src: osf: fix snprintf -Wformat-truncation warning Fernando Fernandez Mancera
2019-07-20 20:21 ` Phil Sutter
2019-07-21 9:59 ` Fernando Fernandez Mancera [this message]
2019-07-21 10:43 ` Phil Sutter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=00a4ebbb-a571-b00a-83ac-ad198ccbd263@riseup.net \
--to=ffmancera@riseup.net \
--cc=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
--cc=phil@nwl.cc \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.