From c394463688c332199a8fcabe6f84818b57c730b3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 2 Oct 2018 12:46:31 +0200
Subject: [PATCH] journal-upload: add asserts that snprintf does not return an
error
|
LGTM complains:
> The size argument of this snprintf call is derived from its return value,
> which may exceed the size of the buffer and overflow.
|
Let's make sure that r is non-negative. (This shouldn't occur unless the format
string is borked, so let's just add an assert.)
Then, let's reorder the comparison to avoid the potential overflow.
|
(cherry picked from commit 91db8ed5b2e67abf738381a6ed6a05a8271498cd)
|
Resolves: #1694605
---
src/journal-remote/journal-upload-journal.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
|
diff --git a/src/journal-remote/journal-upload-journal.c b/src/journal-remote/journal-upload-journal.c
index 5fd639a76a..c244a76932 100644
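--- a/src/journal-remote/journal-upload-journal.c
+++ b/src/journal-remote/journal-upload-journal.c
@@ -30,7 +30,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
 
 r = snprintf(buf + pos, size - pos,
 "__CURSOR=%s\n", u->current_cursor);
- if (pos + r > size)
+ assert(r >= 0);
+ if ((size_t) r > size - pos)
 /* not enough space */
 return pos;
 
@@ -54,7 +55,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
 
 r = snprintf(buf + pos, size - pos,
 "__REALTIME_TIMESTAMP="USEC_FMT"\n", realtime);
- if (r + pos > size)
+ assert(r >= 0);
+ if ((size_t) r > size - pos)
 /* not enough space */
 return pos;
 
@@ -79,7 +81,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
 
 r = snprintf(buf + pos, size - pos,
 "__MONOTONIC_TIMESTAMP="USEC_FMT"\n", monotonic);
- if (r + pos > size)
+ assert(r >= 0);
+ if ((size_t) r > size - pos)
 /* not enough space */
 return pos;
 
@@ -104,7 +107,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
 
 r = snprintf(buf + pos, size - pos,
 "_BOOT_ID=%s\n", sd_id128_to_string(boot_id, sid));
- if (r + pos > size)
+ assert(r >= 0);
+ if ((size_t) r > size - pos)
 /* not enough space */
 return pos;
 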
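Review bot: In all four hunks the reordered check `(size_t) r > size - pos` still lets `r == size - pos` through, and in that case snprintf has already truncated: the trailing `\n` was not stored and a NUL sits in the last byte of the buffer. write_entry's body continues outside every hunk, so whether that byte is repaired afterwards is not visible here; if it is, a comment at the check such as `/* r == size - pos: only the final '\n' was cut; handled below */` would explain why this is `>` and not `>=`. The subtraction also relies on `pos <= size`, which the hunks do not show being established; `assert(pos <= size);` before each snprintf would state that invariant next to the new `assert(r >= 0);`.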