From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:59421) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Ui88S-00022h-Q3 for qemu-devel@nongnu.org; Thu, 30 May 2013 15:03:45 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Ui85W-0007dz-F0 for qemu-devel@nongnu.org; Thu, 30 May 2013 15:00:48 -0400
Received: from mail-qe0-f50.google.com ([209.85.128.50]:45240) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Ui85W-0007du-6q for qemu-devel@nongnu.org; Thu, 30 May 2013 15:00:38 -0400
Received: by mail-qe0-f50.google.com with SMTP id x7so377735qeu.9 for ; Thu, 30 May 2013 12:00:37 -0700 (PDT)
Sender: fluxion
From: Michael Roth
Date: Thu, 30 May 2013 13:58:59 -0500
Message-Id: <1369940341-9043-6-git-send-email-mdroth@linux.vnet.ibm.com>
In-Reply-To: <1369940341-9043-1-git-send-email-mdroth@linux.vnet.ibm.com>
References: <1369940341-9043-1-git-send-email-mdroth@linux.vnet.ibm.com>
Subject: [Qemu-devel] [PATCH 5/7] qga: remove undefined behavior in ga_install_service()
List-Id:
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
To: qemu-devel@nongnu.org
Cc: aliguori@us.ibm.com, lersek@redhat.com
From: Laszlo Ersek
We shouldn't snprintf() from a buffer to the same buffer.
Signed-off-by: Laszlo Ersek
Signed-off-by: Michael Roth
---
 qga/service-win32.c | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/qga/service-win32.c b/qga/service-win32.c
index 843398a..8a5de8a 100644
--- a/qga/service-win32.c
+++ b/qga/service-win32.c
@@ -39,34 +39,36 @@ int ga_install_service(const char *path, const char *logfile)
 {
 SC_HANDLE manager;
 SC_HANDLE service;
- TCHAR cmdline[MAX_PATH];
+ TCHAR module_fname[MAX_PATH];
+ GString *cmdline;
- if (GetModuleFileName(NULL, cmdline, MAX_PATH) == 0) {
+ if (GetModuleFileName(NULL, module_fname, MAX_PATH) == 0) {
 printf_win_error("No full path to service's executable");
 return EXIT_FAILURE;
 }
- _snprintf(cmdline, MAX_PATH - strlen(cmdline), "%s -d", cmdline);
+ cmdline = g_string_new(module_fname);
+ g_string_append(cmdline, " -d");
 if (path) {
- _snprintf(cmdline, MAX_PATH - strlen(cmdline), "%s -p %s", cmdline, path);
+ g_string_append_printf(cmdline, " -p %s", path);
 }
 if (logfile) {
- _snprintf(cmdline, MAX_PATH - strlen(cmdline), "%s -l %s -v",
- cmdline, logfile);
+ g_string_append_printf(cmdline, " -l %s -v", logfile);
 }
- g_debug("service's cmdline: %s", cmdline);
+ g_debug("service's cmdline: %s", cmdline->str);
 manager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
 if (manager == NULL) {
 printf_win_error("No handle to service control manager");
+ g_string_free(cmdline, TRUE);
 return EXIT_FAILURE;
 }
 service = CreateService(manager, QGA_SERVICE_NAME, QGA_SERVICE_DISPLAY_NAME, SERVICE_ALL_ACCESS, SERVICE_WIN32_OWN_PROCESS, SERVICE_AUTO_START,
- SERVICE_ERROR_NORMAL, cmdline, NULL, NULL, NULL, NULL, NULL);
+ SERVICE_ERROR_NORMAL, cmdline->str, NULL, NULL, NULL, NULL, NULL);
 if (service) {
 SERVICE_DESCRIPTION desc = { (char *)QGA_SERVICE_DESCRIPTION };
@@ -80,6 +82,7 @@ int ga_install_service(const char *path, const char *logfile)
 CloseServiceHandle(service);
 CloseServiceHandle(manager);
+ g_string_free(cmdline, TRUE);
 return (service == NULL);
 }
-- 
1.7.9.5
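Review bot: The binary path passed to CreateService() is still assembled without quoting: `g_string_new(module_fname)` followed by `" -p %s"` and `" -l %s -v"` leaves the executable path, `path` and `logfile` bare, so an install directory containing a space gives the service control manager an ambiguous command line (the unquoted service path weakness, CWE-428), and a `path` or `logfile` with a space is split into several arguments. Since the string is now built with GString, each component could be quoted as it is appended, e.g. `g_string_append_printf(cmdline, "\"%s\" -d", module_fname);` on an initially empty string, with `" -p \"%s\""` and `" -l \"%s\" -v"` for the options; values that may themselves contain quotes or trailing backslashes would need proper Windows argument escaping rather than plain wrapping. Separately, `GetModuleFileName(...) == 0` does not catch truncation: a return value equal to `MAX_PATH` means the name did not fit in `module_fname` and should be treated as a failure as well. The body of ga_install_service() continues past the end of this hunk.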