[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] tools: fix several "format-truncation" errors with GCC 7

To: Zhongze Liu <blackskygg@xxxxxxxxx>
From: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Date: Mon, 12 Jun 2017 13:31:39 +0100
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Wei Liu <wei.liu2@xxxxxxxxxx>, David Scott <dave@xxxxxxxxxx>
Delivery-date: Mon, 12 Jun 2017 12:31:52 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

Zhongze Liu writes ("[PATCH] tools: fix several "format-truncation" errors with 
GCC 7"):
> replace several snprintf with asprintf in xenpmd and tools/ocmal/xc
> to fix the "format-truncation" errors caused by incorrect size of buffers.

Thanks for paying attention to the quality of our code, but:

I wonder whether this cure is worse than the disease.  Using asprintf
everywhere means additional error handling (which you have erroneously
omitted) and additional potential for leaks etc. (for which I haven't
analysed your patch).

You say `"format-truncation" errors' but you mean compiler warnings
from -Wformat-truncation, turned into errors by -Werror.  Is there
any suggestion from a human that this code actually malfunctions ?

Or does the compiler not just complain all the time about snprintf ?

> -     char error_str[256];
...
> -                     snprintf(error_str, sizeof(error_str),
> -                              "%d: %s", errno, strerror(errno));

This will not truncate unless the xc error string is too long, which
is not.

> -             snprintf(error_str, sizeof(error_str),
> -                      "Unable to open XC interface");
> +             asprintf(&error_str, "Unable to open XC interface");

This is a fixed string of course.

> -    char file_name[32];
...
> @@ -110,12 +112,16 @@ FILE *get_next_battery_file(DIR *battery_dir,
>          if ( strlen(dir_entries->d_name) < 4 )
>              continue;
>          if ( battery_info_type == BIF ) 
> -            snprintf(file_name, 32, BATTERY_INFO_FILE_PATH,
> -                     dir_entries->d_name);
> +         rc = asprintf(&file_name, BATTERY_INFO_FILE_PATH,
> +                       dir_entries->d_name);
>          else 
> -            snprintf(file_name, 32, BATTERY_STATE_FILE_PATH,
> -                     dir_entries->d_name);
> -        file = fopen(file_name, "r");
> +            rc = asprintf(&file_name, BATTERY_STATE_FILE_PATH,
> +                       dir_entries->d_name);

These filenames are all very formulaic.  I doubt they are being
truncated even though the limit is only 32 bytes.

Regards,
Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] tools: fix several "format-truncation" errors with GCC 7
  - From: Zhongze Liu

References:
- [Xen-devel] [PATCH] tools: fix several "format-truncation" errors with GCC 7
  - From: Zhongze Liu

Prev by Date: Re: [Xen-devel] debian stretch dom0 + xen 4.9 fails to boot
Next by Date: Re: [Xen-devel] [RFC PATCH v2 6/8] arm/mem_access: Add long-descriptor based gpt
Previous by thread: [Xen-devel] [PATCH] tools: fix several "format-truncation" errors with GCC 7
Next by thread: Re: [Xen-devel] [PATCH] tools: fix several "format-truncation" errors with GCC 7
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.