udev - safer sprintf() use

udev - safer sprintf() use

[Kay Sievers]

[-- Attachment #1: Type: text/plain, Size: 293 bytes --]

Here is for now my last patch to the string handling for a rather
theorethical case, where the node is very very very long. :)

We have accordant to strfieldcat(to, from) now a strintcat(to, i) macro,
which appends the ascii representation of a integer to a string in a
safe way.

thanks,
Kay

[-- Attachment #2: 01-strcat.patch --]
[-- Type: text/plain, Size: 2107 bytes --]

===== namedev.c 1.116 vs edited =====
--- 1.116/namedev.c	Thu Feb 26 22:29:48 2004
+++ edited/namedev.c	Sat Feb 28 02:41:27 2004
@@ -263,11 +263,11 @@
 			dbg("substitute kernel number '%s'", udev->kernel_number);
 				break;
 		case 'm':
-			sprintf(pos, "%u", udev->minor);
+			strnintcat(string, udev->minor, maxsize);
 			dbg("substitute minor number '%u'", udev->minor);
 			break;
-			case 'M':
-			sprintf(pos, "%u", udev->major);
+		case 'M':
+			strnintcat(string, udev->major, maxsize);
 			dbg("substitute major number '%u'", udev->major);
 			break;
 		case 'c':
===== udev-add.c 1.52 vs edited =====
--- 1.52/udev-add.c	Fri Feb 27 00:11:36 2004
+++ edited/udev-add.c	Sat Feb 28 02:41:27 2004
@@ -211,7 +211,8 @@
 		info("creating device partition nodes '%s[1-%i]'", filename, dev->partitions);
 		if (!fake) {
 			for (i = 1; i <= dev->partitions; i++) {
-				sprintf(partitionname, "%s%i", filename, i);
+				strfieldcpy(partitionname, filename);
+				strintcat(partitionname, i);
 				make_node(partitionname, dev->major,
 					  dev->minor + i, dev->mode, uid, gid);
 			}
===== udev-remove.c 1.20 vs edited =====
--- 1.20/udev-remove.c	Wed Feb 25 01:04:14 2004
+++ edited/udev-remove.c	Sat Feb 28 02:41:28 2004
@@ -87,7 +87,8 @@
 	if (dev->partitions > 0) {
 		info("removing partitions '%s[1-%i]'", filename, dev->partitions);
 		for (i = 1; i <= dev->partitions; i++) {
-			sprintf(partitionname, "%s%i", filename, i);
+			strfieldcpy(partitionname, filename);
+			strintcat(partitionname, i);
 			unlink(partitionname);
 		}
 	}
===== udev.h 1.47 vs edited =====
--- 1.47/udev.h	Thu Feb 26 06:14:04 2004
+++ edited/udev.h	Sat Feb 28 02:41:28 2004
@@ -85,6 +85,18 @@
 	strncat(to, from, maxsize - strlen(to)-1); \
 } while (0)
 
+#define strintcat(to, i) \
+do { \
+	to[sizeof(to)-1] = '\0'; \
+	snprintf((to) + strlen(to), sizeof(to) - strlen(to)-1, "%u", i); \
+} while (0)
+
+#define strnintcat(to, i, maxsize) \
+do { \
+	to[maxsize-1] = '\0'; \
+	snprintf((to) + strlen(to), maxsize - strlen(to)-1, "%u", i); \
+} while (0)
+
 static inline char *get_action(void)
 {
 	char *action;

Re: udev - safer sprintf() use

[Greg KH]

On Sat, Feb 28, 2004 at 02:52:29AM +0100, Kay Sievers wrote:
> Here is for now my last patch to the string handling for a rather
> theorethical case, where the node is very very very long. :)
> 
> We have accordant to strfieldcat(to, from) now a strintcat(to, i) macro,
> which appends the ascii representation of a integer to a string in a
> safe way.

Nice, thanks a lot for doing all of this auditing.  I really appreciate
it.

Applied.

greg k-h


-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id\x1356&alloc_id438&op=click
_______________________________________________
Linux-hotplug-devel mailing list  http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel