[Bug 1739889] Re: Compiler warning about possiable overflow in devname.c
Mathew Hodson
mathew.hodson at gmail.com
Mon Mar 5 05:19:04 UTC 2018
** Changed in: util-linux (Ubuntu)
Importance: Undecided => Low
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1739889
Title:
Compiler warning about possiable overflow in devname.c
Status in util-linux package in Ubuntu:
New
Bug description:
I just compiled mount and got the following warning:
libblkid/src/devname.c:166:29: warning: ‘%s’ directive writing up to 255 bytes into a region of size 245 [-Wformat-overflow=]
sprintf(path, "/sys/block/%s/slaves", de->d_name);
^~
In file included from /usr/include/stdio.h:862:0,
from libblkid/src/devname.c:16:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:33:10: note: ‘__builtin___sprintf_chk’ output between 19 and 274 bytes into a destination of size 256
return __builtin___sprintf_chk (__s, __USE_FORTIFY_LEVEL - 1,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
__bos (__s), __fmt, __va_arg_pack ());
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code preceding this does a length check to prevent overflow. However,
the warning was still alarming. The attached patch switches sprintf to
snprintf and ups the buffer size to 300. This will silence the
compiler and support longer device names. There didn't appear to be
any technical reason for the 256 byte limit. If there is we just get a
different less alarming truncation warning. This also means we don't
need the hard coded length check.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1739889/+subscriptions
More information about the Ubuntu-sponsors
mailing list