[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] tools: libxenstat: fix format string overflow

To: Dario Faggioli <dfaggioli@xxxxxxxx>
From: Wei Liu <wei.liu2@xxxxxxxxxx>
Date: Fri, 16 Feb 2018 17:44:05 +0000
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxx, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>
Delivery-date: Fri, 16 Feb 2018 17:44:17 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Fri, Feb 16, 2018 at 06:36:51PM +0100, Dario Faggioli wrote:
> With gcc 7.3.0, the build fails like this:
> 
> src/xenstat_linux.c: In function ‘getBridge’
> src/xenstat_linux.c:78:34: warning: ‘%s’ directive writing up to 255 bytes 
> into a region of size 241 [-Wformat-overflow=]
>      sprintf(tmp, "/sys/class/net/%s/bridge", de->d_name);
>                                   ^~
> src/xenstat_linux.c:78:5: note: ‘sprintf’ output between 23 and 278 bytes 
> into a destination of size 256
>      sprintf(tmp, "/sys/class/net/%s/bridge", de->d_name);
>      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Fix using asprintf().
> 
> Signed-off-by: Dario Faggioli <dfaggioli@xxxxxxxx>
> ---
> Cc: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
> Cc: Wei Liu <wei.liu2@xxxxxxxxxx>
> ---
> In case no one else have noticed and fixed this (I have checked xen-devel and
> found nothing)
> ---
>  tools/xenstat/libxenstat/src/xenstat_linux.c |    8 +++++---
>  1 file changed, 5 insertions(+), 3 deletions(-)
> 
> diff --git a/tools/xenstat/libxenstat/src/xenstat_linux.c 
> b/tools/xenstat/libxenstat/src/xenstat_linux.c
> index 907d65fa63..396357511b 100644
> --- a/tools/xenstat/libxenstat/src/xenstat_linux.c
> +++ b/tools/xenstat/libxenstat/src/xenstat_linux.c
> @@ -69,18 +69,20 @@ void getBridge(char *excludeName, char *result, size_t 
> resultLen)
>       struct dirent *de;
>       DIR *d;
>  
> -     char tmp[256] = { 0 };
> -
>       d = opendir("/sys/class/net");
>       while ((de = readdir(d)) != NULL) {
>               if ((strlen(de->d_name) > 0) && (de->d_name[0] != '.')
>                       && (strstr(de->d_name, excludeName) == NULL)) {
> -                             sprintf(tmp, "/sys/class/net/%s/bridge", 
> de->d_name);
> +                             char *tmp;
> +
> +                             asprintf(&tmp, "/sys/class/net/%s/bridge", 
> de->d_name);

Need to check the return value of asprintf.

Preferably you also need to define _GNU_SOURCE at the beginning of this
file. This file is Linux only makes it less of a problem.

Wei.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] tools: libxenstat: fix format string overflow
  - From: Dario Faggioli
- Re: [Xen-devel] [PATCH] tools: libxenstat: fix format string overflow
  - From: Dario Faggioli
- Re: [Xen-devel] [PATCH] tools: libxenstat: fix format string overflow
  - From: Wei Liu

References:
- [Xen-devel] [PATCH] tools: libxenstat: fix format string overflow
  - From: Dario Faggioli

Prev by Date: Re: [Xen-devel] [PATCH] mm: don't defer struct page initialization for Xen pv guests
Next by Date: Re: [Xen-devel] [PATCH] tools: libxenstat: fix format string overflow
Previous by thread: Re: [Xen-devel] [PATCH] tools: libxenstat: fix format string overflow
Next by thread: Re: [Xen-devel] [PATCH] tools: libxenstat: fix format string overflow
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.