mirror of
https://github.com/systemd/systemd.git
synced 2025-01-25 10:04:04 +03:00
journal-upload: add asserts that snprintf does not return an error
LGMT complains: > The size argument of this snprintf call is derived from its return value, > which may exceed the size of the buffer and overflow. Let's make sure that r is non-negative. (This shouldn't occur unless the format string is borked, so let's just add an assert.) Then, let's reorder the comparison to avoid the potential overflow.
This commit is contained in:
parent
7c3733d5de
commit
91db8ed5b2
@ -34,7 +34,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
|
||||
|
||||
r = snprintf(buf + pos, size - pos,
|
||||
"__CURSOR=%s\n", u->current_cursor);
|
||||
if (pos + r > size)
|
||||
assert(r >= 0);
|
||||
if ((size_t) r > size - pos)
|
||||
/* not enough space */
|
||||
return pos;
|
||||
|
||||
@ -58,7 +59,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
|
||||
|
||||
r = snprintf(buf + pos, size - pos,
|
||||
"__REALTIME_TIMESTAMP="USEC_FMT"\n", realtime);
|
||||
if (r + pos > size)
|
||||
assert(r >= 0);
|
||||
if ((size_t) r > size - pos)
|
||||
/* not enough space */
|
||||
return pos;
|
||||
|
||||
@ -83,7 +85,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
|
||||
|
||||
r = snprintf(buf + pos, size - pos,
|
||||
"__MONOTONIC_TIMESTAMP="USEC_FMT"\n", monotonic);
|
||||
if (r + pos > size)
|
||||
assert(r >= 0);
|
||||
if ((size_t) r > size - pos)
|
||||
/* not enough space */
|
||||
return pos;
|
||||
|
||||
@ -108,7 +111,8 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
|
||||
|
||||
r = snprintf(buf + pos, size - pos,
|
||||
"_BOOT_ID=%s\n", sd_id128_to_string(boot_id, sid));
|
||||
if (r + pos > size)
|
||||
assert(r >= 0);
|
||||
if ((size_t) r > size - pos)
|
||||
/* not enough space */
|
||||
return pos;
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user