diff options
author | Lukas Zaoral <lzaoral@redhat.com> | 2021-04-14 21:23:24 +0200 |
---|---|---|
committer | Cristian Cadar <c.cadar@imperial.ac.uk> | 2021-04-18 20:04:46 +0100 |
commit | a0e2d3c837ddd4398ff3af76c34ddeb32d70e7b5 (patch) | |
tree | 32b6b7a6bf68ce9428405761679074a8efe3566e | |
parent | b0aef8ebc9d53945549fc477558a4437baa46e2d (diff) | |
download | klee-a0e2d3c837ddd4398ff3af76c34ddeb32d70e7b5.tar.gz |
klee-replay: Fix -Wformat-truncation warning
Increase the size of the buffer to PATH_MAX in create_link as that is the maximal possible length of fname and check whether output truncation occurred. Fixes: tools/klee-replay/file-creator.c: In function 'create_file': tools/klee-replay/file-creator.c:55:31: warning: '%s' directive output may be truncated writing up to 4095 bytes into a region of size 64 [-Wformat-truncation=] 55 | snprintf(buf, sizeof(buf), "%s.lnk", fname); | ^~ ...... 344 | target = tmpname; | ~~~~~~~ In file included from /usr/include/stdio.h:866, from tools/klee-replay/file-creator.c:16: /usr/include/bits/stdio2.h:70:10: note: '__snprintf_chk' output between 5 and 4100 bytes into a destination of size 64 70 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 71 | __bos (__s), __fmt, __va_arg_pack ()); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-rw-r--r-- | tools/klee-replay/file-creator.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/tools/klee-replay/file-creator.c b/tools/klee-replay/file-creator.c index f843a1eb..497cf1c3 100644 --- a/tools/klee-replay/file-creator.c +++ b/tools/klee-replay/file-creator.c @@ -49,10 +49,15 @@ static void check_file(int index, exe_disk_file_t *dfile); static int create_link(const char *fname, exe_disk_file_t *dfile, const char *tmpdir) { - char buf[64]; + char buf[PATH_MAX]; struct stat64 *s = dfile->stat; - snprintf(buf, sizeof(buf), "%s.lnk", fname); + // make sure that the .lnk suffix is not truncated + if (snprintf(buf, sizeof buf, "%s.lnk", fname) >= PATH_MAX) { + fputs("create_link: fname is too long for additional .lnk suffix", stderr); + return -1; + } + s->st_mode = (s->st_mode & ~S_IFMT) | S_IFREG; create_file(-1, buf, dfile, tmpdir); |