#define WARN_STRING "WARNING: "
#define ERR_STRING "ERROR: "
+#if (STP_LOG_BUF_LEN < 10) /* sizeof(WARN_STRING) */
+#error "STP_LOG_BUF_LEN is too short"
+#endif
+
enum code { INFO=0, WARN, ERROR, DBUG };
static void _stp_vlog (enum code type, const char *func, int line, const char *fmt, va_list args)
if (type == DBUG) {
start = _stp_snprintf(buf, STP_LOG_BUF_LEN, "%s:%d: ", func, line);
} else if (type == WARN) {
+ /* This strcpy() is OK, since we know STP_LOG_BUF_LEN
+ * is > sizeof(WARN_STRING). */
strcpy (buf, WARN_STRING);
start = sizeof(WARN_STRING) - 1;
} else if (type == ERROR) {
+ /* This strcpy() is OK, since we know STP_LOG_BUF_LEN
+ * is > sizeof(ERR_STRING) (which is < sizeof(WARN_STRING). */
strcpy (buf, ERR_STRING);
start = sizeof(ERR_STRING) - 1;
}
if (len + 2 + strlen(path) >= PATH_MAX)
return NULL;
path_buf[len] = '/';
+ /* Note that this strcpy() call is OK, since we checked
+ * the length earlier to make sure the string would fit. */
strcpy(&path_buf[len + 1], path);
return path_buf;
}
}
/* special case: for testing we sometimes want to write to /dev/null */
if (strcmp(outfile_name, "/dev/null") == 0) {
+ /* This strcpy() call is OK since we know that the
+ * buffer is at least PATH_MAX bytes long at this
+ * point. */
strcpy(buf, "/dev/null");
} else {
if (bulk) {
return 0;
}
+ /* These uses of sprintf() are OK, since we just allocated the
+ * string to be the correct length. */
sprintf (fileName, "%s/cert8.db", cert_db_path);
rc &= check_db_file_permissions (fileName);
sprintf (fileName, "%s/key3.db", cert_db_path);
if (outfile_name) {
/* special case: for testing we sometimes want to write to /dev/null */
if (strcmp(outfile_name, "/dev/null") == 0) {
+ /* This strcpy() is OK, since
+ * we know buf is PATH_MAX
+ * bytes long. */
strcpy(buf, "/dev/null");
} else {
len = stap_strfloctime(buf, PATH_MAX,
/* special case: for testing we sometimes want to
* write to /dev/null */
if (strcmp(outfile_name, "/dev/null") == 0) {
+ /* This strcpy() is OK, since we know tmp is
+ * PATH_MAX bytes long. */
strcpy(tmp, "/dev/null");
} else {
int len;
_perr("[re]allocating memory failed");
return -1;
}
+ /* Note that these strcat() calls are OK, since we just
+ * allocated space for the resulting string. */
strcat(opts, " ");
strcat(opts, options[i]);
}
/* Add the .sgn suffix to the canonicalized module path to get the signature
file path. */
- if (strlen (path) >= PATH_MAX - 4) {
+ if (strlen (path) >= PATH_MAX - 5) {
err("Path \"%s.sgn\" is too long.", path);
return -1;
}
+ /* This use of sprintf() is OK, since we just checked the final
+ * string's length. */
sprintf (signature_realpath, "%s.sgn", path);
rc = verify_module (signature_realpath, path, module_data, module_size);
* /lib/modules/`uname -r`/systemtapmod.ko, put a '/' on the
* end of staplib_dir_realpath. */
if (strlen(staplib_dir_realpath) < (PATH_MAX - 1))
+ /* Note that this strcat() is OK, since we just
+ * checked the length of the resulting string. */
strcat(staplib_dir_realpath, "/");
else {
err("ERROR: Path \"%s\" is too long.", staplib_dir_realpath);
#ifdef STP_BULKMODE
/* now for each cpu "n", create /proc/systemtap/module_name/n */
stp_for_each_cpu(i) {
- sprintf(buf, "%d", i);
+ snprintf(buf, sizeof(buf), "%d", i);
de = create_proc_entry(buf, 0600, _stp_proc_root);
if (de == NULL)
goto err1;
stp_for_each_cpu(j) {
if (j == i)
break;
- sprintf(buf, "%d", j);
+ snprintf(buf, sizeof(buf), "%d", j);
remove_proc_entry(buf, _stp_proc_root);
}
_stp_kfree(de->data);
stp_for_each_cpu(i) {
- sprintf(buf, "%d", i);
+ snprintf(buf, sizeof(buf), "%d", i);
remove_proc_entry(buf, _stp_proc_root);
}
remove_proc_entry("bufsize", _stp_proc_root);
_stp_transport_data_fs_close();
return -EINVAL;
}
- sprintf(cpu_file, "trace%d", cpu);
+ snprintf(cpu_file, sizeof(cpu_file), "trace%d", cpu);
__stp_entry[cpu] = debugfs_create_file(cpu_file, 0600,
_stp_get_module_dir(),
(void *)(long)cpu,
hi = (type & DW_EH_PE_ADJUST) >> 4;
low = type & DW_EH_PE_FORM;
if (hi > 5 || low > 4 || (low == 0 && (type & DW_EH_PE_signed))) {
- sprintf(buf, "ERROR:encoding=0x%x", type);
+ snprintf(buf, sizeof(buf), "ERROR:encoding=0x%x", type);
return buf;
}