From mboxrd@z Thu Jan 1 00:00:00 1970 From: Alexander Aring Date: Wed, 5 Oct 2022 15:23:12 -0400 Subject: [Cluster-devel] [PATCHv2 dlm-tool 2/2] dlm_controld: fix rare off by one In-Reply-To: <20221005192312.4130838-1-aahringo@redhat.com> References: <20221005192312.4130838-1-aahringo@redhat.com> Message-ID: <20221005192312.4130838-2-aahringo@redhat.com> List-Id: To: cluster-devel.redhat.com MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit While debugging I came across a rare off by one when the snprintf() filled string _exactly_ matched the size (with '\0') and we return the bytes written without \0. We will then write a "\n\0" pattern at the end but when the string exactly matched there is missing byte in the calculation of the "\n\0" pattern because the return value only reduced the size by one. To fix that we substract -1 from the return value of snprintf() to have at the end two bytes for the "\n\0" pattern. If we would hit the case that the buffer exactly matched we truncate the string by one byte because we need to fit '\n' and '\0' into the buffer. --- v2: - remove sob. - only really do the truncate of one byte when the buffer would exact match which is the given size and the returned size + 1 ('\0'). dlm_controld/logging.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/dlm_controld/logging.c b/dlm_controld/logging.c index 2c57138c..bfd7d274 100644 --- a/dlm_controld/logging.c +++ b/dlm_controld/logging.c @@ -181,10 +181,14 @@ void log_level(char *name_in, uint32_t level_in, const char *fmt, ...) ret = vsnprintf(log_str + pos, len - pos, fmt, ap); va_end(ap); - if (ret >= len - pos) + if (ret >= len - pos) { pos = len - 1; - else - pos += ret; + } else { + if (ret + 1 == len - pos) + pos += ret - 1; + else + pos += ret; + } log_str[pos++] = '\n'; log_str[pos++] = '\0'; -- 2.31.1