From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44837) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WKQWE-0000RO-Hh for qemu-devel@nongnu.org; Mon, 03 Mar 2014 05:54:54 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1WKQW6-0007hk-5D for qemu-devel@nongnu.org; Mon, 03 Mar 2014 05:54:46 -0500 Received: from mail-pa0-x235.google.com ([2607:f8b0:400e:c03::235]:39655) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1WKQW5-0007ha-TN for qemu-devel@nongnu.org; Mon, 03 Mar 2014 05:54:38 -0500 Received: by mail-pa0-f53.google.com with SMTP id ld10so3667582pab.12 for ; Mon, 03 Mar 2014 02:54:36 -0800 (PST) Message-ID: <53145F65.1000304@gmail.com> Date: Mon, 03 Mar 2014 18:54:29 +0800 From: Chen Gang MIME-Version: 1.0 References: <52EF68CA.9060604@gmail.com> <20140203103429.GB10408@redhat.com> <52EF71DC.3000309@gmail.com> <52F0C8BA.7020709@gmail.com> <20140204110631.GD5632@redhat.com> <52F0CD67.5070601@gmail.com> <87siry3l7t.fsf@linux.vnet.ibm.com> <52F17B5E.1050602@gmail.com> <52FF3182.9090106@gmail.com> <53097D8E.1030803@gmail.com> <87sir850ho.fsf@blackfin.pond.sub.org> <87ha7o3c5x.fsf@blackfin.pond.sub.org> <530FCBAD.10305@gmail.com> <531219CC.4050505@gmail.com> <53121A12.5050105@gmail.com> <53121A4B.70308@gmail.com> <87txbf65q6.fsf@blackfin.pond.sub.org> In-Reply-To: <87txbf65q6.fsf@blackfin.pond.sub.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH 2/3] hw/9pfs/virtio-9p-local.c: use snprintf() instead of sprintf() List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Markus Armbruster Cc: "Aneesh Kumar K.V" , aliguori@amazon.com, QEMU Developers On 03/03/2014 04:34 PM, Markus Armbruster wrote: > Chen Gang writes: > >> 'ctx->fs_root' + 'path'/'fullname.data' may be larger than PATH_MAX, so >> need use snprintf() instead of sprintf() just like another area have done in 9pfs. >> >> Signed-off-by: Chen Gang >> --- >> hw/9pfs/virtio-9p-local.c | 7 ++++--- >> 1 file changed, 4 insertions(+), 3 deletions(-) >> >> diff --git a/hw/9pfs/virtio-9p-local.c b/hw/9pfs/virtio-9p-local.c >> index 77a04cd..61be75a 100644 >> --- a/hw/9pfs/virtio-9p-local.c >> +++ b/hw/9pfs/virtio-9p-local.c >> @@ -898,7 +898,8 @@ static int local_remove(FsContext *ctx, const char *path) >> * directory >> */ >> if (S_ISDIR(stbuf.st_mode)) { >> - sprintf(buffer, "%s/%s/%s", ctx->fs_root, path, VIRTFS_META_DIR); >> + snprintf(buffer, ARRAY_SIZE(buffer), "%s/%s/%s", >> + ctx->fs_root, path, VIRTFS_META_DIR); >> err = remove(buffer); >> if (err < 0 && errno != ENOENT) { >> /* >> @@ -1033,8 +1034,8 @@ static int local_unlinkat(FsContext *ctx, V9fsPath *dir, >> * If directory remove .virtfs_metadata contained in the >> * directory >> */ >> - sprintf(buffer, "%s/%s/%s", ctx->fs_root, >> - fullname.data, VIRTFS_META_DIR); >> + snprintf(buffer, ARRAY_SIZE(buffer), "%s/%s/%s", ctx->fs_root, >> + fullname.data, VIRTFS_META_DIR); >> ret = remove(buffer); >> if (ret < 0 && errno != ENOENT) { >> /* > > Turns a buffer overrun bug into a truncation bug. The next commit fixes > truncation bugs including this one. Would be nice to spell this out in > the commit message. Perhaps Aneesh can do it on commit. > Please help doing it on commit. Thanks. -- Chen Gang Open, share, and attitude like air, water, and life which God blessed