[PATCH v2] replace sprintf with strcpy to avoid GCC warning [BZ#28439]
Martin Sebor
msebor@gmail.com
Mon Oct 11 15:42:04 GMT 2021
On 10/10/21 2:28 AM, Florian Weimer wrote:
> * Martin Sebor:
>
>> On 10/9/21 3:15 PM, Florian Weimer wrote:
>>> * Martin Sebor:
>>>
>>>> diff --git a/resolv/res_query.c b/resolv/res_query.c
>>>> index 75b0e5f2f7..adc8a13f75 100644
>>>> --- a/resolv/res_query.c
>>>> +++ b/resolv/res_query.c
>>>> @@ -589,10 +589,9 @@ __res_context_querydomain (struct resolv_context *ctx,
>>>> struct __res_state *statp = ctx->resp;
>>>> char nbuf[MAXDNAME];
>>>> const char *longname = nbuf;
>>>> - size_t n, d;
>>>>
>>>> if (domain == NULL) {
>>>> - n = strlen(name);
>>>> + size_t n = strlen(name);
>>>>
>>>> /* Decrement N prior to checking it against MAXDNAME
>>>> so that we detect a wrap to SIZE_MAX and return
>>>> @@ -603,15 +602,13 @@ __res_context_querydomain (struct resolv_context *ctx,
>>>> return (-1);
>>>> }
>>>> longname = name;
>>>> - } else {
>>>> - n = strlen(name);
>>>> - d = strlen(domain);
>>>> - if (n + d + 1 >= MAXDNAME) {
>>>> - RES_SET_H_ERRNO(statp, NO_RECOVERY);
>>>> - return (-1);
>>>> - }
>>>> - sprintf(nbuf, "%s.%s", name, domain);
>>>> }
>>>> + else if (__snprintf (nbuf, sizeof nbuf, "%s.%s", name, domain)
>>>> + >= sizeof nbuf)
>>>> + {
>>>> + RES_SET_H_ERRNO(statp, NO_RECOVERY);
>>>> + return -1;
>>>> + }
>>>> return __res_context_query (ctx, longname, class, type, answer,
>>>> anslen, answerp, answerp2, nanswerp2,
>>>> resplen2, answerp2_malloced);
>>>
>>> Maybe add a comment about EOVERFLOW? I think it still works because
>>> the -1 from snprintf turns into SIZE_MAX.
>>
>> snprintf returns "the number of bytes that would have been written
>> if sizeof buf had been sufficiently large" no? Or is __snprintf
>> different?
>
> The return type is int, not size_t, and there are two input arguments.
> So there is potential for overflow.
Ah, I see what you meant by EOVERFLOW now. Yes, the conversion
to size_t would have handled the case of any error but I agree
that calling out the overflow might have been helpful.
Martin
More information about the Libc-alpha
mailing list