From a0e2d3c837ddd4398ff3af76c34ddeb32d70e7b5 Mon Sep 17 00:00:00 2001
From: Lukas Zaoral
Date: Wed, 14 Apr 2021 21:23:24 +0200
Subject: klee-replay: Fix -Wformat-truncation warning
Increase the size of the buffer to PATH_MAX in create_link as that is the maximal possible length of fname and check whether output truncation occurred. Fixes: tools/klee-replay/file-creator.c: In function 'create_file': tools/klee-replay/file-creator.c:55:31: warning: '%s' directive output may be truncated writing up to 4095 bytes into a region of size 64 [-Wformat-truncation=] 55 | snprintf(buf, sizeof(buf), "%s.lnk", fname); | ^~ ...... 344 | target = tmpname; | ~~~~~~~ In file included from /usr/include/stdio.h:866, from tools/klee-replay/file-creator.c:16: /usr/include/bits/stdio2.h:70:10: note: '__snprintf_chk' output between 5 and 4100 bytes into a destination of size 64 70 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 71 | __bos (__s), __fmt, __va_arg_pack ()); | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
---
tools/klee-replay/file-creator.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'tools/klee-replay')
diff --git a/tools/klee-replay/file-creator.c b/tools/klee-replay/file-creator.c
index f843a1eb..497cf1c3 100644
--- a/tools/klee-replay/file-creator.c
+++ b/tools/klee-replay/file-creator.c
@@ -49,10 +49,15 @@ static void check_file(int index, exe_disk_file_t *dfile); static int create_link(const char *fname, exe_disk_file_t *dfile, const char *tmpdir) { - char buf[64]; + char buf[PATH_MAX]; struct stat64 *s = dfile->stat; - snprintf(buf, sizeof(buf), "%s.lnk", fname); + // make sure that the .lnk suffix is not truncated + if (snprintf(buf, sizeof buf, "%s.lnk", fname) >= PATH_MAX) { + fputs("create_link: fname is too long for additional .lnk suffix", stderr); + return -1; + } + s->st_mode = (s->st_mode & ~S_IFMT) | S_IFREG; create_file(-1, buf, dfile, tmpdir); -- cgit 1.4.1
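Review bot: The new truncation check in create_link treats only a return of PATH_MAX or more as failure, so a negative return from snprintf (an output error) falls through and `buf` reaches create_file with unspecified contents. Capturing the result and testing both cases, against `sizeof buf` rather than a repeated PATH_MAX, keeps the check tied to the declaration: `int n = snprintf(buf, sizeof buf, "%s.lnk", fname);` then `if (n < 0 || (size_t)n >= sizeof buf) {`. The fputs message has no trailing newline, so it will run into whatever is written to stderr next; `".lnk suffix\n"` fixes that. The added `return -1` only helps if callers check create_link's result, and both the callers and the rest of the function body are outside this hunk.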