From: Kefu Chai <kchai@redhat.com>
Date: Wed, 29 May 2019 09:45:35 +0000 (+0800)
Subject: common/blkdev.c: check retval of snprintf()
X-Git-Tag: v14.2.10~213^2~4
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=283fe1b94e991ac32dae5f9acf6d249e33651bfe;p=ceph.git

common/blkdev.c: check retval of snprintf()

as snprintf()'ed string could be truncated, to properly use this
function, we need to check its return value.

to silence warning like

../src/common/blkdev.cc: In member function ‘int64_t
BlkDev::get_string_property(blkdev_prop_t, char*, size_t) const’:
../src/common/blkdev.cc:165:15: warning: ‘%s’ directive output may be
truncated writing up to 4095 bytes into a region of size between 4085
and 4089 [-Wformat-truncation=]
  165 |     "%s/block/%s/%s", sysfsdir(), dev, propstr);
      |               ^~
In file included from /usr/include/stdio.h:873,
                 from /usr/include/c++/9/cstdio:42,
                 from /usr/include/c++/9/ext/string_conversions.h:43,
                 from /usr/include/c++/9/bits/basic_string.h:6493,
                 from /usr/include/c++/9/string:55,
                 from /usr/include/c++/9/bits/locale_classes.h:40,
                 from /usr/include/c++/9/bits/ios_base.h:41,
                 from /usr/include/c++/9/ios:42,
                 from /usr/include/c++/9/ostream:38,
                 from /usr/include/c++/9/iterator:64,
                 from
/opt/ceph/include/boost/iterator/iterator_traits.hpp:10,
                 from
/opt/ceph/include/boost/range/iterator_range_core.hpp:26,
                 from
/opt/ceph/include/boost/algorithm/string/replace.hpp:16,
                 from ../src/common/blkdev.cc:31:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:67:35: note:
‘__builtin___snprintf_chk’ output 9 or more bytes (assuming 4108) into a
destination of size 4096
   67 |   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL
- 1,
      |
~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   68 |        __bos (__s), __fmt, __va_arg_pack ());
      |        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Kefu Chai <kchai@redhat.com>
(cherry picked from commit ae466a0089fb4802751e5c9c5d79aa29426ace91)
---

diff --git a/src/common/blkdev.cc b/src/common/blkdev.cc
index e01ad3c62e41..074eb2c80c6d 100644
--- a/src/common/blkdev.cc
+++ b/src/common/blkdev.cc
@@ -161,8 +161,10 @@ int64_t BlkDev::get_string_property(blkdev_prop_t prop,
   } else {
     dev = devname.c_str();
   }
-  snprintf(filename, sizeof(filename),
-	   "%s/block/%s/%s", sysfsdir(), dev, propstr);
+  if (snprintf(filename, sizeof(filename), "%s/block/%s/%s", sysfsdir(), dev,
+	       propstr) >= static_cast<int>(sizeof(filename))) {
+    return -ERANGE;
+  }
 
   FILE *fp = fopen(filename, "r");
   if (fp == NULL) {