misc: safer (and uniform) handling of return value
When `rc` is `INT_MAX`, `rc + 1` result in signed integer overflow. Signed-off-by: Karel Zak <kzak@redhat.com>
This commit is contained in:
parent
ff27b20f3c
commit
06fa581748
|
@ -316,7 +316,7 @@ static int is_irrotational_disk(dev_t disk)
|
|||
"/sys/dev/block/%d:%d/queue/rotational",
|
||||
major(disk), minor(disk));
|
||||
|
||||
if (rc < 0 || (unsigned int) (rc + 1) > sizeof(path))
|
||||
if (rc < 0 || (unsigned int) rc >= sizeof(path))
|
||||
return 0;
|
||||
|
||||
f = fopen(path, "r");
|
||||
|
|
6
lib/at.c
6
lib/at.c
|
@ -31,7 +31,7 @@ int fstat_at(int dir __attribute__ ((__unused__)), const char *dirname,
|
|||
int len;
|
||||
|
||||
len = snprintf(path, sizeof(path), "%s/%s", dirname, filename);
|
||||
if (len < 0 || len + 1 > sizeof(path))
|
||||
if (len < 0 || (size_t)len >= sizeof(path))
|
||||
return -1;
|
||||
|
||||
return nofollow ? lstat(path, st) : stat(path, st);
|
||||
|
@ -56,7 +56,7 @@ int open_at(int dir __attribute__((__unused__)), const char *dirname,
|
|||
int len;
|
||||
|
||||
len = snprintf(path, sizeof(path), "%s/%s", dirname, filename);
|
||||
if (len < 0 || len + 1 > sizeof(path))
|
||||
if (len < 0 || (size_t)len >= sizeof(path))
|
||||
return -1;
|
||||
|
||||
return open(path, flags);
|
||||
|
@ -91,7 +91,7 @@ ssize_t readlink_at(int dir __attribute__((__unused__)), const char *dirname,
|
|||
int len;
|
||||
|
||||
len = snprintf(path, sizeof(path), "%s/%s", dirname, pathname);
|
||||
if (len < 0 || len + 1 > sizeof(path))
|
||||
if (len < 0 || (size_t)len >= sizeof(path))
|
||||
return -1;
|
||||
|
||||
return readlink(path, buf, bufsiz);
|
||||
|
|
|
@ -177,13 +177,10 @@ char *cpulist_create(char *str, size_t len,
|
|||
rlen = snprintf(ptr, len, "%zu-%zu,", i, i + run);
|
||||
i += run;
|
||||
}
|
||||
if (rlen < 0 || (size_t) rlen + 1 > len)
|
||||
if (rlen < 0 || (size_t) rlen >= len)
|
||||
return NULL;
|
||||
ptr += rlen;
|
||||
if (rlen > 0 && len > (size_t) rlen)
|
||||
len -= rlen;
|
||||
else
|
||||
len = 0;
|
||||
len -= rlen;
|
||||
}
|
||||
}
|
||||
ptr -= entry_made;
|
||||
|
|
12
lib/sysfs.c
12
lib/sysfs.c
|
@ -26,7 +26,7 @@ char *sysfs_devno_attribute_path(dev_t devno, char *buf,
|
|||
len = snprintf(buf, bufsiz, _PATH_SYS_DEVBLOCK "/%d:%d",
|
||||
major(devno), minor(devno));
|
||||
|
||||
return (len < 0 || (size_t) len + 1 > bufsiz) ? NULL : buf;
|
||||
return (len < 0 || (size_t) len >= bufsiz) ? NULL : buf;
|
||||
}
|
||||
|
||||
int sysfs_devno_has_attribute(dev_t devno, const char *attr)
|
||||
|
@ -82,7 +82,7 @@ dev_t sysfs_devname_to_devno(const char *name, const char *parent)
|
|||
_PATH_SYS_BLOCK "/%s/%s/dev", _parent, _name);
|
||||
free(_name);
|
||||
free(_parent);
|
||||
if (len < 0 || (size_t) len + 1 > sizeof(buf))
|
||||
if (len < 0 || (size_t) len >= sizeof(buf))
|
||||
return 0;
|
||||
path = buf;
|
||||
|
||||
|
@ -100,7 +100,7 @@ dev_t sysfs_devname_to_devno(const char *name, const char *parent)
|
|||
len = snprintf(buf, sizeof(buf),
|
||||
_PATH_SYS_BLOCK "/%s/dev", _name);
|
||||
free(_name);
|
||||
if (len < 0 || (size_t) len + 1 > sizeof(buf))
|
||||
if (len < 0 || (size_t) len >= sizeof(buf))
|
||||
return 0;
|
||||
path = buf;
|
||||
}
|
||||
|
@ -463,7 +463,7 @@ int sysfs_write_u64(struct sysfs_cxt *cxt, const char *attr, uint64_t num)
|
|||
return -errno;
|
||||
|
||||
len = snprintf(buf, sizeof(buf), "%" PRIu64, num);
|
||||
if (len < 0 || (size_t) len + 1 > sizeof(buf))
|
||||
if (len < 0 || (size_t) len >= sizeof(buf))
|
||||
rc = len < 0 ? -errno : -E2BIG;
|
||||
else
|
||||
rc = write_all(fd, buf, len);
|
||||
|
@ -930,7 +930,7 @@ static char *sysfs_scsi_host_attribute_path(struct sysfs_cxt *cxt,
|
|||
len = snprintf(buf, bufsz, _PATH_SYS_CLASS "/%s_host/host%d",
|
||||
type, host);
|
||||
|
||||
return (len < 0 || (size_t) len + 1 > bufsz) ? NULL : buf;
|
||||
return (len < 0 || (size_t) len >= bufsz) ? NULL : buf;
|
||||
}
|
||||
|
||||
char *sysfs_scsi_host_strdup_attribute(struct sysfs_cxt *cxt,
|
||||
|
@ -979,7 +979,7 @@ static char *sysfs_scsi_attribute_path(struct sysfs_cxt *cxt,
|
|||
else
|
||||
len = snprintf(buf, bufsz, _PATH_SYS_SCSI "/devices/%d:%d:%d:%d",
|
||||
h,c,t,l);
|
||||
return (len < 0 || (size_t) len + 1 > bufsz) ? NULL : buf;
|
||||
return (len < 0 || (size_t) len >= bufsz) ? NULL : buf;
|
||||
}
|
||||
|
||||
int sysfs_scsi_has_attribute(struct sysfs_cxt *cxt, const char *attr)
|
||||
|
|
|
@ -383,15 +383,11 @@ static char *mk_string_list(char *ptr, size_t *len, size_t *begin,
|
|||
snprintf(ptr, *len, "%c-%c,", tochar(*begin), tochar(*begin + *run)) :
|
||||
snprintf(ptr, *len, "%zu-%zu,", *begin, *begin + *run);
|
||||
|
||||
if (rlen < 0 || (size_t) rlen + 1 > *len)
|
||||
if (rlen < 0 || (size_t) rlen >= *len)
|
||||
return NULL;
|
||||
|
||||
ptr += rlen;
|
||||
|
||||
if (rlen > 0 && *len > (size_t) rlen)
|
||||
*len -= rlen;
|
||||
else
|
||||
*len = 0;
|
||||
*len -= rlen;
|
||||
|
||||
if (cur == -1 && *begin) {
|
||||
/* end of the list */
|
||||
|
|
|
@ -1057,7 +1057,7 @@ static void init_environ(struct login_context *cxt)
|
|||
|
||||
/* mailx will give a funny error msg if you forget this one */
|
||||
len = snprintf(tmp, sizeof(tmp), "%s/%s", _PATH_MAILDIR, pwd->pw_name);
|
||||
if (len > 0 && (size_t) len + 1 <= sizeof(tmp))
|
||||
if (len > 0 && (size_t) len < sizeof(tmp))
|
||||
setenv("MAIL", tmp, 0);
|
||||
|
||||
/* LOGNAME is not documented in login(1) but HP-UX 6.5 does it. We'll
|
||||
|
|
|
@ -397,7 +397,7 @@ again:
|
|||
x = snprintf(p, len, "%s,", grp->gr_name);
|
||||
}
|
||||
|
||||
if (x < 0 || (size_t) x + 1 > len) {
|
||||
if (x < 0 || (size_t) x >= len) {
|
||||
size_t cur = p - res;
|
||||
|
||||
maxlen *= 2;
|
||||
|
|
|
@ -514,10 +514,15 @@ static void headers_init(struct cal_control *ctl)
|
|||
size_t i, wd;
|
||||
char *cur_dh = day_headings;
|
||||
char tmp[FMT_ST_CHARS];
|
||||
size_t year_len;
|
||||
int year_len;
|
||||
|
||||
year_len = snprintf(tmp, sizeof(tmp), "%d", ctl->req.year);
|
||||
|
||||
if (year_len < 0 || (size_t)year_len >= sizeof(tmp)) {
|
||||
/* XXX impossible error */
|
||||
return;
|
||||
}
|
||||
|
||||
for (i = 0; i < DAYS_IN_WEEK; i++) {
|
||||
size_t space_left;
|
||||
wd = (i + ctl->weekstart) % DAYS_IN_WEEK;
|
||||
|
|
|
@ -1273,12 +1273,14 @@ get_cell_data(struct lscpu_desc *desc, int idx, int col,
|
|||
if (cpuset_ary_isset(cpu, ca->sharedmaps,
|
||||
ca->nsharedmaps, setsize, &i) == 0) {
|
||||
int x = snprintf(p, sz, "%zu", i);
|
||||
if (x <= 0 || (size_t) x + 2 >= sz)
|
||||
if (x < 0 || (size_t) x >= sz)
|
||||
return NULL;
|
||||
p += x;
|
||||
sz -= x;
|
||||
}
|
||||
if (j != 0) {
|
||||
if (sz < 2)
|
||||
return NULL;
|
||||
*p++ = mod->compat ? ',' : ':';
|
||||
*p = '\0';
|
||||
sz--;
|
||||
|
@ -1346,11 +1348,13 @@ get_cell_header(struct lscpu_desc *desc, int col,
|
|||
|
||||
for (i = desc->ncaches - 1; i >= 0; i--) {
|
||||
int x = snprintf(p, sz, "%s", desc->caches[i].name);
|
||||
if (x <= 0 || (size_t) x + 2 > sz)
|
||||
if (x < 0 || (size_t) x >= sz)
|
||||
return NULL;
|
||||
sz -= x;
|
||||
p += x;
|
||||
if (i > 0) {
|
||||
if (sz < 2)
|
||||
return NULL;
|
||||
*p++ = mod->compat ? ',' : ':';
|
||||
*p = '\0';
|
||||
sz--;
|
||||
|
|
|
@ -71,7 +71,7 @@ static int dir_to_device(struct mountpoint_control *ctl)
|
|||
len = snprintf(buf, sizeof(buf), "%s/..", cn ? cn : ctl->path);
|
||||
free(cn);
|
||||
|
||||
if (len < 0 || (size_t) len + 1 > sizeof(buf))
|
||||
if (len < 0 || (size_t) len >= sizeof(buf))
|
||||
return -1;
|
||||
if (stat(buf, &pst) !=0)
|
||||
return -1;
|
||||
|
|
|
@ -1001,8 +1001,8 @@ static void open_tty(char *tty, struct termios *tp, struct options *op)
|
|||
if ((gr = getgrnam("tty")))
|
||||
gid = gr->gr_gid;
|
||||
|
||||
if (((len = snprintf(buf, sizeof(buf), "/dev/%s", tty)) >=
|
||||
(int)sizeof(buf)) || (len < 0))
|
||||
len = snprintf(buf, sizeof(buf), "/dev/%s", tty);
|
||||
if (len < 0 || (size_t)len >= sizeof(buf))
|
||||
log_err(_("/dev/%s: cannot open as standard input: %m"), tty);
|
||||
|
||||
/* Open the tty as standard input. */
|
||||
|
|
|
@ -90,7 +90,7 @@ ttymsg(struct iovec *iov, size_t iovcnt, char *line, int tmout) {
|
|||
also wrong since people use /dev/pts/xxx. */
|
||||
|
||||
len = snprintf(device, sizeof(device), "%s%s", _PATH_DEV, line);
|
||||
if (len < 0 || len + 1 > (ssize_t) sizeof(device)) {
|
||||
if (len < 0 || (size_t)len >= sizeof(device)) {
|
||||
snprintf(errbuf, sizeof(errbuf), _("excessively long line arg"));
|
||||
return errbuf;
|
||||
}
|
||||
|
@ -104,7 +104,7 @@ ttymsg(struct iovec *iov, size_t iovcnt, char *line, int tmout) {
|
|||
return NULL;
|
||||
|
||||
len = snprintf(errbuf, sizeof(errbuf), "%s: %m", device);
|
||||
if (len < 0 || len + 1 > (ssize_t) sizeof(errbuf))
|
||||
if (len < 0 || (size_t)len >= sizeof(errbuf))
|
||||
snprintf(errbuf, sizeof(errbuf), _("open failed"));
|
||||
return errbuf;
|
||||
}
|
||||
|
@ -145,7 +145,7 @@ ttymsg(struct iovec *iov, size_t iovcnt, char *line, int tmout) {
|
|||
cpid = fork();
|
||||
if (cpid < 0) {
|
||||
len = snprintf(errbuf, sizeof(errbuf), _("fork: %m"));
|
||||
if (len < 0 || len + 1 > (ssize_t) sizeof(errbuf))
|
||||
if (len < 0 || (size_t)len >= sizeof(errbuf))
|
||||
snprintf(errbuf, sizeof(errbuf), _("cannot fork"));
|
||||
close(fd);
|
||||
return errbuf;
|
||||
|
@ -177,7 +177,7 @@ ttymsg(struct iovec *iov, size_t iovcnt, char *line, int tmout) {
|
|||
_exit(EXIT_FAILURE);
|
||||
|
||||
len = snprintf(errbuf, sizeof(errbuf), "%s: %m", device);
|
||||
if (len < 0 || len + 1 > (ssize_t) sizeof(errbuf))
|
||||
if (len < 0 || (size_t)len >= sizeof(errbuf))
|
||||
snprintf(errbuf, sizeof(errbuf),
|
||||
_("%s: BAD ERROR, message is "
|
||||
"far too long"), device);
|
||||
|
|
|
@ -217,8 +217,8 @@ static void buf_printf(struct buffer *bs, const char *fmt, ...)
|
|||
rc = vsnprintf(bs->data + bs->used, limit, fmt, ap);
|
||||
va_end(ap);
|
||||
|
||||
if (rc > 0 && (size_t) rc + 1 > limit) { /* not enoght, enlarge */
|
||||
buf_enlarge(bs, rc + 1);
|
||||
if (rc >= 0 && (size_t) rc >= limit) { /* not enoght, enlarge */
|
||||
buf_enlarge(bs, (size_t)rc + 1);
|
||||
limit = bs->sz - bs->used;
|
||||
va_start(ap, fmt);
|
||||
rc = vsnprintf(bs->data + bs->used, limit, fmt, ap);;
|
||||
|
|
Loading…
Reference in New Issue