From: Zbigniew Jędrzejewski-Szmek Date: Fri, 23 Feb 2018 10:12:19 +0000 (+0100) Subject: udev/net-id: check all snprintf return values X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=commitdiff_plain;h=a7956ba5bf0dd2b9bd68111d1dc61ac77e6a9e38;p=elogind.git udev/net-id: check all snprintf return values gcc-8 throws an error if it knows snprintf might truncate output and the return value is ignored: ../src/udev/udev-builtin-net_id.c: In function 'dev_pci_slot': ../src/udev/udev-builtin-net_id.c:297:47: error: '%s' directive output may be truncated writing up to 255 bytes into a region of size between 0 and 4095 [-Werror=format-truncation=] snprintf(str, sizeof str, "%s/%s/address", slots, dent->d_name); ^~ ../src/udev/udev-builtin-net_id.c:297:17: note: 'snprintf' output between 10 and 4360 bytes into a destination of size 4096 snprintf(str, sizeof str, "%s/%s/address", slots, dent->d_name); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ cc1: some warnings being treated as errors Let's check all return values. This actually makes the code better, because there's no point in trying to open a file when the name has been truncated, etc. --- diff --git a/src/basic/stdio-util.h b/src/basic/stdio-util.h index f4dfa7629..f818a208a 100644 --- a/src/basic/stdio-util.h +++ b/src/basic/stdio-util.h @@ -31,9 +31,11 @@ #include "macro.h" -#define xsprintf(buf, fmt, ...) \ - assert_message_se((size_t) snprintf(buf, ELEMENTSOF(buf), fmt, __VA_ARGS__) < ELEMENTSOF(buf), "xsprintf: " #buf "[] must be big enough") +#define snprintf_ok(buf, len, fmt, ...) \ + ((size_t) snprintf(buf, len, fmt, __VA_ARGS__) < (len)) +#define xsprintf(buf, fmt, ...) \ + assert_message_se(snprintf_ok(buf, ELEMENTSOF(buf), fmt, __VA_ARGS__), "xsprintf: " #buf "[] must be big enough") #define VA_FORMAT_ADVANCE(format, ap) \ do { \