| Message ID | 20190718110145.13361-1-ffmancera@riseup.net |
|---|---|
| State | Changes Requested |
| Delegated to: | Pablo Neira |
| Headers | show |
| Series | [nft] src: osf: fix snprintf -Wformat-truncation warning | expand |
Hi Fernando, On Thu, Jul 18, 2019 at 01:01:46PM +0200, Fernando Fernandez Mancera wrote: > Fedora 30 uses very recent gcc (version 9.1.1 20190503 (Red Hat 9.1.1-1)), > osf produces following warnings: > > -Wformat-truncation warning have been introduced in the version 7.1 of gcc. > Also, remove a unneeded address check of "tmp + 1" in nf_osf_strchr(). > > nfnl_osf.c: In function ‘nfnl_osf_load_fingerprints’: > nfnl_osf.c:292:39: warning: ‘%s’ directive output may be truncated writing > up to 1023 bytes into a region of size 128 [-Wformat-truncation=] > 292 | cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg); > | ^~ > nfnl_osf.c:292:9: note: ‘snprintf’ output between 2 and 1025 bytes into a > destination of size 128 > 292 | cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg); > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > nfnl_osf.c:302:46: warning: ‘%s’ directive output may be truncated writing > up to 1023 bytes into a region of size 32 [-Wformat-truncation=] > 302 | cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg); > | ^~ > nfnl_osf.c:302:10: note: ‘snprintf’ output between 1 and 1024 bytes into a > destination of size 32 > 302 | cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg); > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > nfnl_osf.c:309:49: warning: ‘%s’ directive output may be truncated writing > up to 1023 bytes into a region of size 32 [-Wformat-truncation=] > 309 | cnt = snprintf(f.version, sizeof(f.version), "%s", pbeg); > | ^~ > nfnl_osf.c:309:9: note: ‘snprintf’ output between 1 and 1024 bytes into a > destination of size 32 > 309 | cnt = snprintf(f.version, sizeof(f.version), "%s", pbeg); > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > nfnl_osf.c:317:47: warning: ‘%s’ directive output may be truncated writing > up to 1023 bytes into a region of size 32 [-Wformat-truncation=] > 317 | snprintf(f.subtype, sizeof(f.subtype), "%s", pbeg); > | ^~ > nfnl_osf.c:317:7: note: ‘snprintf’ output between 1 and 1024 bytes into a > destination of size 32 > 317 | snprintf(f.subtype, sizeof(f.subtype), "%s", pbeg); > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > Reported-by: Florian Westphal <fw@strlen.de> > Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net> > --- > src/nfnl_osf.c | 14 +++++++------- > 1 file changed, 7 insertions(+), 7 deletions(-) > > diff --git a/src/nfnl_osf.c b/src/nfnl_osf.c > index be3fd81..c99f8f3 100644 > --- a/src/nfnl_osf.c > +++ b/src/nfnl_osf.c > @@ -81,7 +81,7 @@ static char *nf_osf_strchr(char *ptr, char c) > if (tmp) > *tmp = '\0'; > > - while (tmp && tmp + 1 && isspace(*(tmp + 1))) > + while (tmp && isspace(*(tmp + 1))) > tmp++; > > return tmp; > @@ -212,7 +212,7 @@ static int osf_load_line(char *buffer, int len, int del, > struct netlink_ctx *ctx) > { > int i, cnt = 0; > - char obuf[MAXOPTSTRLEN]; > + char obuf[MAXOPTSTRLEN + 1]; > struct nf_osf_user_finger f; > char *pbeg, *pend; > struct nlmsghdr *nlh; > @@ -289,7 +289,7 @@ static int osf_load_line(char *buffer, int len, int del, > pend = nf_osf_strchr(pbeg, OSFPDEL); > if (pend) { > *pend = '\0'; > - cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg); > + cnt = snprintf(obuf, sizeof(obuf), "%.128s", pbeg); Not a big deal, but sizeof() and hard-coding the "precision" doesn't mix well in my opinion. I've solved this like so: i = sizeof(obuf); cnt = snprintf(obuf, i, "%.*s,", i - 2, pbeg); (i - 2) to leave space for the trailing comma and nul-char. Also note that your patch drops the trailing comma, I guess that's a bug. Maybe you want to have a look at my patch (Message-ID 20190720185226.8876-2-phil@nwl.cc) and incorporate what's useful into yours? It's your code, so you should know better how to fix things. :) Thanks, Phil
Hi Phil, On 7/20/19 10:21 PM, Phil Sutter wrote: > Hi Fernando, > > On Thu, Jul 18, 2019 at 01:01:46PM +0200, Fernando Fernandez Mancera wrote: >> Fedora 30 uses very recent gcc (version 9.1.1 20190503 (Red Hat 9.1.1-1)), >> osf produces following warnings: >> >> -Wformat-truncation warning have been introduced in the version 7.1 of gcc. >> Also, remove a unneeded address check of "tmp + 1" in nf_osf_strchr(). >> >> nfnl_osf.c: In function ‘nfnl_osf_load_fingerprints’: >> nfnl_osf.c:292:39: warning: ‘%s’ directive output may be truncated writing >> up to 1023 bytes into a region of size 128 [-Wformat-truncation=] >> 292 | cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg); >> | ^~ >> nfnl_osf.c:292:9: note: ‘snprintf’ output between 2 and 1025 bytes into a >> destination of size 128 >> 292 | cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg); >> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> nfnl_osf.c:302:46: warning: ‘%s’ directive output may be truncated writing >> up to 1023 bytes into a region of size 32 [-Wformat-truncation=] >> 302 | cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg); >> | ^~ >> nfnl_osf.c:302:10: note: ‘snprintf’ output between 1 and 1024 bytes into a >> destination of size 32 >> 302 | cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg); >> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> nfnl_osf.c:309:49: warning: ‘%s’ directive output may be truncated writing >> up to 1023 bytes into a region of size 32 [-Wformat-truncation=] >> 309 | cnt = snprintf(f.version, sizeof(f.version), "%s", pbeg); >> | ^~ >> nfnl_osf.c:309:9: note: ‘snprintf’ output between 1 and 1024 bytes into a >> destination of size 32 >> 309 | cnt = snprintf(f.version, sizeof(f.version), "%s", pbeg); >> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> nfnl_osf.c:317:47: warning: ‘%s’ directive output may be truncated writing >> up to 1023 bytes into a region of size 32 [-Wformat-truncation=] >> 317 | snprintf(f.subtype, sizeof(f.subtype), "%s", pbeg); >> | ^~ >> nfnl_osf.c:317:7: note: ‘snprintf’ output between 1 and 1024 bytes into a >> destination of size 32 >> 317 | snprintf(f.subtype, sizeof(f.subtype), "%s", pbeg); >> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> >> Reported-by: Florian Westphal <fw@strlen.de> >> Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net> >> --- >> src/nfnl_osf.c | 14 +++++++------- >> 1 file changed, 7 insertions(+), 7 deletions(-) >> >> diff --git a/src/nfnl_osf.c b/src/nfnl_osf.c >> index be3fd81..c99f8f3 100644 >> --- a/src/nfnl_osf.c >> +++ b/src/nfnl_osf.c >> @@ -81,7 +81,7 @@ static char *nf_osf_strchr(char *ptr, char c) >> if (tmp) >> *tmp = '\0'; >> >> - while (tmp && tmp + 1 && isspace(*(tmp + 1))) >> + while (tmp && isspace(*(tmp + 1))) >> tmp++; >> >> return tmp; >> @@ -212,7 +212,7 @@ static int osf_load_line(char *buffer, int len, int del, >> struct netlink_ctx *ctx) >> { >> int i, cnt = 0; >> - char obuf[MAXOPTSTRLEN]; >> + char obuf[MAXOPTSTRLEN + 1]; >> struct nf_osf_user_finger f; >> char *pbeg, *pend; >> struct nlmsghdr *nlh; >> @@ -289,7 +289,7 @@ static int osf_load_line(char *buffer, int len, int del, >> pend = nf_osf_strchr(pbeg, OSFPDEL); >> if (pend) { >> *pend = '\0'; >> - cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg); >> + cnt = snprintf(obuf, sizeof(obuf), "%.128s", pbeg); > > Not a big deal, but sizeof() and hard-coding the "precision" doesn't mix > well in my opinion. I've solved this like so: > > i = sizeof(obuf); > cnt = snprintf(obuf, i, "%.*s,", i - 2, pbeg); > > (i - 2) to leave space for the trailing comma and nul-char. Also note > that your patch drops the trailing comma, I guess that's a bug. > Oh! I am really happy that you spotted the missing trailing comma, thanks! :-) > Maybe you want to have a look at my patch (Message-ID > 20190720185226.8876-2-phil@nwl.cc) and incorporate what's useful into > yours? It's your code, so you should know better how to fix things. :) > > Thanks, Phil > I think your code is more readable than mine. I am going to send a v2 patch with your code but also adding the following fix. - while (tmp && tmp + 1 && isspace(*(tmp + 1))) + while (tmp && isspace(*(tmp + 1))) I am going to send a similar patch for the iptables tree because this file was imported from iptables.git/utils/nfnl_osf.c. Thanks!
Hi, On Sun, Jul 21, 2019 at 11:59:14AM +0200, Fernando Fernandez Mancera wrote: [...] > I think your code is more readable than mine. I am going to send a v2 > patch with your code but also adding the following fix. > > - while (tmp && tmp + 1 && isspace(*(tmp + 1))) > + while (tmp && isspace(*(tmp + 1))) > > I am going to send a similar patch for the iptables tree because this > file was imported from iptables.git/utils/nfnl_osf.c. Sounds great, thanks a lot! Cheers, Phil
diff --git a/src/nfnl_osf.c b/src/nfnl_osf.c index be3fd81..c99f8f3 100644 --- a/src/nfnl_osf.c +++ b/src/nfnl_osf.c @@ -81,7 +81,7 @@ static char *nf_osf_strchr(char *ptr, char c) if (tmp) *tmp = '\0'; - while (tmp && tmp + 1 && isspace(*(tmp + 1))) + while (tmp && isspace(*(tmp + 1))) tmp++; return tmp; @@ -212,7 +212,7 @@ static int osf_load_line(char *buffer, int len, int del, struct netlink_ctx *ctx) { int i, cnt = 0; - char obuf[MAXOPTSTRLEN]; + char obuf[MAXOPTSTRLEN + 1]; struct nf_osf_user_finger f; char *pbeg, *pend; struct nlmsghdr *nlh; @@ -289,7 +289,7 @@ static int osf_load_line(char *buffer, int len, int del, pend = nf_osf_strchr(pbeg, OSFPDEL); if (pend) { *pend = '\0'; - cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg); + cnt = snprintf(obuf, sizeof(obuf), "%.128s", pbeg); pbeg = pend + 1; } @@ -297,16 +297,16 @@ static int osf_load_line(char *buffer, int len, int del, if (pend) { *pend = '\0'; if (pbeg[0] == '@' || pbeg[0] == '*') - cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg + 1); + cnt = snprintf(f.genre, sizeof(f.genre), "%.31s", pbeg + 1); else - cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg); + cnt = snprintf(f.genre, sizeof(f.genre), "%.31s", pbeg); pbeg = pend + 1; } pend = nf_osf_strchr(pbeg, OSFPDEL); if (pend) { *pend = '\0'; - cnt = snprintf(f.version, sizeof(f.version), "%s", pbeg); + cnt = snprintf(f.version, sizeof(f.version), "%.31s", pbeg); pbeg = pend + 1; } @@ -314,7 +314,7 @@ static int osf_load_line(char *buffer, int len, int del, if (pend) { *pend = '\0'; cnt = - snprintf(f.subtype, sizeof(f.subtype), "%s", pbeg); + snprintf(f.subtype, sizeof(f.subtype), "%.31s", pbeg); pbeg = pend + 1; }
Fedora 30 uses very recent gcc (version 9.1.1 20190503 (Red Hat 9.1.1-1)), osf produces following warnings: -Wformat-truncation warning have been introduced in the version 7.1 of gcc. Also, remove a unneeded address check of "tmp + 1" in nf_osf_strchr(). nfnl_osf.c: In function ‘nfnl_osf_load_fingerprints’: nfnl_osf.c:292:39: warning: ‘%s’ directive output may be truncated writing up to 1023 bytes into a region of size 128 [-Wformat-truncation=] 292 | cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg); | ^~ nfnl_osf.c:292:9: note: ‘snprintf’ output between 2 and 1025 bytes into a destination of size 128 292 | cnt = snprintf(obuf, sizeof(obuf), "%s,", pbeg); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ nfnl_osf.c:302:46: warning: ‘%s’ directive output may be truncated writing up to 1023 bytes into a region of size 32 [-Wformat-truncation=] 302 | cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg); | ^~ nfnl_osf.c:302:10: note: ‘snprintf’ output between 1 and 1024 bytes into a destination of size 32 302 | cnt = snprintf(f.genre, sizeof(f.genre), "%s", pbeg); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ nfnl_osf.c:309:49: warning: ‘%s’ directive output may be truncated writing up to 1023 bytes into a region of size 32 [-Wformat-truncation=] 309 | cnt = snprintf(f.version, sizeof(f.version), "%s", pbeg); | ^~ nfnl_osf.c:309:9: note: ‘snprintf’ output between 1 and 1024 bytes into a destination of size 32 309 | cnt = snprintf(f.version, sizeof(f.version), "%s", pbeg); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ nfnl_osf.c:317:47: warning: ‘%s’ directive output may be truncated writing up to 1023 bytes into a region of size 32 [-Wformat-truncation=] 317 | snprintf(f.subtype, sizeof(f.subtype), "%s", pbeg); | ^~ nfnl_osf.c:317:7: note: ‘snprintf’ output between 1 and 1024 bytes into a destination of size 32 317 | snprintf(f.subtype, sizeof(f.subtype), "%s", pbeg); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Reported-by: Florian Westphal <fw@strlen.de> Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net> --- src/nfnl_osf.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-)