From c394463688c332199a8fcabe6f84818b57c730b3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
Date: Tue, 2 Oct 2018 12:46:31 +0200
Subject: [PATCH] journal-upload: add asserts that snprintf does not return an
 error
LGTM complains:
> The size argument of this snprintf call is derived from its return value,
> which may exceed the size of the buffer and overflow.
Let's make sure that r is non-negative. (This shouldn't occur unless the format
string is borked, so let's just add an assert.)
Then, let's reorder the comparison to avoid the potential overflow.
(cherry picked from commit 91db8ed5b2e67abf738381a6ed6a05a8271498cd)
Resolves: #1694605
---
 src/journal-remote/journal-upload-journal.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/src/journal-remote/journal-upload-journal.c b/src/journal-remote/journal-upload-journal.c
661545
index 5fd639a76a..c244a76932 100644
661545
--- a/src/journal-remote/journal-upload-journal.c
661545
+++ b/src/journal-remote/journal-upload-journal.c
661545
@@ -30,7 +30,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
661545
 
661545
                         r = snprintf(buf + pos, size - pos,
661545
                                      "__CURSOR=%s\n", u->current_cursor);
661545
-                        if (pos + r > size)
661545
+                        assert(r >= 0);
661545
+                        if ((size_t) r > size - pos)
661545
                                 /* not enough space */
661545
                                 return pos;
661545
 
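Review bot: The reordered check `(size_t) r > size - pos` and the `size - pos` bound passed to snprintf() are only safe while `pos <= size`, and nothing in this hunk establishes that. If `pos` ever exceeded `size`, the subtraction would wrap to a huge value, the check would pass and snprintf() would be given an oversized limit. The invariant may well be maintained elsewhere, since write_entry() starts and ends outside the hunk, but stating it next to the arithmetic with `assert(pos <= size);` before the snprintf() call would make it explicit. It is also worth widening the comment to `/* not enough space (or snprintf failed) */`, because if assert() is compiled out a negative `r` becomes a very large size_t and takes this same return. The same applies to the `__REALTIME_TIMESTAMP`, `__MONOTONIC_TIMESTAMP` and `_BOOT_ID` hunks below.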
661545
@@ -54,7 +55,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
661545
 
661545
                         r = snprintf(buf + pos, size - pos,
661545
                                      "__REALTIME_TIMESTAMP="USEC_FMT"\n", realtime);
661545
-                        if (r + pos > size)
661545
+                        assert(r >= 0);
661545
+                        if ((size_t) r > size - pos)
661545
                                 /* not enough space */
661545
                                 return pos;
661545
 
661545
@@ -79,7 +81,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
661545
 
661545
                         r = snprintf(buf + pos, size - pos,
661545
                                      "__MONOTONIC_TIMESTAMP="USEC_FMT"\n", monotonic);
661545
-                        if (r + pos > size)
661545
+                        assert(r >= 0);
661545
+                        if ((size_t) r > size - pos)
661545
                                 /* not enough space */
661545
                                 return pos;
661545
 
661545
@@ -104,7 +107,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
661545
 
661545
                         r = snprintf(buf + pos, size - pos,
661545
                                      "_BOOT_ID=%s\n", sd_id128_to_string(boot_id, sid));
661545
-                        if (r + pos > size)
661545
+                        assert(r >= 0);
661545
+                        if ((size_t) r > size - pos)
661545
                                 /* not enough space */
661545
                                 return pos;
661545