| Message ID | 20200224065139.19567-1-pannengyuan@huawei.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | target/i386/hax-posix: fix two 'format-truncation' compile warnings | expand |
Le 24/02/2020 à 07:51, pannengyuan@huawei.com a écrit : > From: Pan Nengyuan <pannengyuan@huawei.com> > > Fix compile warnings: > /mnt/sdb/qemu-new/qemu_test/qemu/target/i386/hax-posix.c:124:56: error: ‘%02d’ directive output may be truncated writing between 2 and 11 bytes into a region of size 3 [-Werror=format-truncation=] > snprintf(name, sizeof HAX_VM_DEVFS, "/dev/hax_vm/vm%02d", vm_id); > ^~~~ > /mnt/sdb/qemu-new/qemu_test/qemu/target/i386/hax-posix.c:124:41: note: directive argument in the range [-2147483648, 64] > snprintf(name, sizeof HAX_VM_DEVFS, "/dev/hax_vm/vm%02d", vm_id); > ^~~~~~~~~~~~~~~~~~~~ > In file included from /usr/include/stdio.h:873, > from /mnt/sdb/qemu-new/qemu_test/qemu/include/qemu/osdep.h:99, > from /mnt/sdb/qemu-new/qemu_test/qemu/target/i386/hax-posix.c:14: > /usr/include/bits/stdio2.h:67:10: note: ‘__builtin___snprintf_chk’ output between 17 and 26 bytes into a destination of size 17 > return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > __bos (__s), __fmt, __va_arg_pack ()); > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > /mnt/sdb/qemu-new/qemu_test/qemu/target/i386/hax-posix.c: In function ‘hax_vcpu_devfs_string’: > /mnt/sdb/qemu-new/qemu_test/qemu/target/i386/hax-posix.c:143:55: error: ‘%02d’ directive output may be truncated writing between 2 and 11 bytes into a region of size 10 [-Werror=format-truncation=] > snprintf(name, sizeof HAX_VCPU_DEVFS, "/dev/hax_vm%02d/vcpu%02d", > ^~~~ > /mnt/sdb/qemu-new/qemu_test/qemu/target/i386/hax-posix.c:143:43: note: directive argument in the range [-2147483648, 64] > snprintf(name, sizeof HAX_VCPU_DEVFS, "/dev/hax_vm%02d/vcpu%02d", > ^~~~~~~~~~~~~~~~~~~~~~~~~~ > /mnt/sdb/qemu-new/qemu_test/qemu/target/i386/hax-posix.c:143:43: note: directive argument in the range [-2147483648, 64] > In file included from /usr/include/stdio.h:873, > from /mnt/sdb/qemu-new/qemu_test/qemu/include/qemu/osdep.h:99, > from /mnt/sdb/qemu-new/qemu_test/qemu/target/i386/hax-posix.c:14: > /usr/include/bits/stdio2.h:67:10: note: ‘__builtin___snprintf_chk’ output between 21 and 39 bytes into a destination of size 21 > return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, > ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > __bos (__s), __fmt, __va_arg_pack ()); > > We know that we have checked the vm_id and vcpu_id in the first(less than 0x40), it will never be truncated in snprintf(). > Thus, this patch add an assertion to clear this false-positive warning. > > Reported-by: Euler Robot <euler.robot@huawei.com> > Signed-off-by: Pan Nengyuan <pannengyuan@huawei.com> > --- > target/i386/hax-posix.c | 8 +++++--- > 1 file changed, 5 insertions(+), 3 deletions(-) > > diff --git a/target/i386/hax-posix.c b/target/i386/hax-posix.c > index a5426a6dac..197d5bc0f9 100644 > --- a/target/i386/hax-posix.c > +++ b/target/i386/hax-posix.c > @@ -121,7 +121,8 @@ static char *hax_vm_devfs_string(int vm_id) > return NULL; > } > > - snprintf(name, sizeof HAX_VM_DEVFS, "/dev/hax_vm/vm%02d", vm_id); > + int len = snprintf(name, sizeof HAX_VM_DEVFS, "/dev/hax_vm/vm%02d", vm_id); > + assert(len < sizeof HAX_VM_DEVFS); > return name; > } > > @@ -140,8 +141,9 @@ static char *hax_vcpu_devfs_string(int vm_id, int vcpu_id) > return NULL; > } > > - snprintf(name, sizeof HAX_VCPU_DEVFS, "/dev/hax_vm%02d/vcpu%02d", > - vm_id, vcpu_id); > + int len = snprintf(name, sizeof HAX_VCPU_DEVFS, "/dev/hax_vm%02d/vcpu%02d", > + vm_id, vcpu_id); > + assert(len < sizeof HAX_VCPU_DEVFS); > return name; > } > > You should check instead that vm_id and vcpu_id are >= 0 where they are checked to be <= MAX_VM_ID and MAX_VCPU_ID, this will avoid the overflow of "%02d" and should remove the compile warning. Thanks, Laurent
On 24/02/20 07:51, pannengyuan@huawei.com wrote: > diff --git a/target/i386/hax-posix.c b/target/i386/hax-posix.c > index a5426a6dac..197d5bc0f9 100644 > --- a/target/i386/hax-posix.c > +++ b/target/i386/hax-posix.c > @@ -121,7 +121,8 @@ static char *hax_vm_devfs_string(int vm_id) > return NULL; > } > > - snprintf(name, sizeof HAX_VM_DEVFS, "/dev/hax_vm/vm%02d", vm_id); > + int len = snprintf(name, sizeof HAX_VM_DEVFS, "/dev/hax_vm/vm%02d", vm_id); > + assert(len < sizeof HAX_VM_DEVFS); > return name; > } > > @@ -140,8 +141,9 @@ static char *hax_vcpu_devfs_string(int vm_id, int vcpu_id) > return NULL; > } > > - snprintf(name, sizeof HAX_VCPU_DEVFS, "/dev/hax_vm%02d/vcpu%02d", > - vm_id, vcpu_id); > + int len = snprintf(name, sizeof HAX_VCPU_DEVFS, "/dev/hax_vm%02d/vcpu%02d", > + vm_id, vcpu_id); > + assert(len < sizeof HAX_VCPU_DEVFS); > return name; > } > > Julio Faracco has posted a fix for the same bug. The best change is actually to switch to g_strdup_printf. Paolo
On 3/3/2020 6:47 PM, Paolo Bonzini wrote: > On 24/02/20 07:51, pannengyuan@huawei.com wrote: >> diff --git a/target/i386/hax-posix.c b/target/i386/hax-posix.c >> index a5426a6dac..197d5bc0f9 100644 >> --- a/target/i386/hax-posix.c >> +++ b/target/i386/hax-posix.c >> @@ -121,7 +121,8 @@ static char *hax_vm_devfs_string(int vm_id) >> return NULL; >> } >> >> - snprintf(name, sizeof HAX_VM_DEVFS, "/dev/hax_vm/vm%02d", vm_id); >> + int len = snprintf(name, sizeof HAX_VM_DEVFS, "/dev/hax_vm/vm%02d", vm_id); >> + assert(len < sizeof HAX_VM_DEVFS); >> return name; >> } >> >> @@ -140,8 +141,9 @@ static char *hax_vcpu_devfs_string(int vm_id, int vcpu_id) >> return NULL; >> } >> >> - snprintf(name, sizeof HAX_VCPU_DEVFS, "/dev/hax_vm%02d/vcpu%02d", >> - vm_id, vcpu_id); >> + int len = snprintf(name, sizeof HAX_VCPU_DEVFS, "/dev/hax_vm%02d/vcpu%02d", >> + vm_id, vcpu_id); >> + assert(len < sizeof HAX_VCPU_DEVFS); >> return name; >> } >> >> > > Julio Faracco has posted a fix for the same bug. The best change is > actually to switch to g_strdup_printf. Okay, Thanks. > > Paolo >
diff --git a/target/i386/hax-posix.c b/target/i386/hax-posix.c index a5426a6dac..197d5bc0f9 100644 --- a/target/i386/hax-posix.c +++ b/target/i386/hax-posix.c @@ -121,7 +121,8 @@ static char *hax_vm_devfs_string(int vm_id) return NULL; } - snprintf(name, sizeof HAX_VM_DEVFS, "/dev/hax_vm/vm%02d", vm_id); + int len = snprintf(name, sizeof HAX_VM_DEVFS, "/dev/hax_vm/vm%02d", vm_id); + assert(len < sizeof HAX_VM_DEVFS); return name; } @@ -140,8 +141,9 @@ static char *hax_vcpu_devfs_string(int vm_id, int vcpu_id) return NULL; } - snprintf(name, sizeof HAX_VCPU_DEVFS, "/dev/hax_vm%02d/vcpu%02d", - vm_id, vcpu_id); + int len = snprintf(name, sizeof HAX_VCPU_DEVFS, "/dev/hax_vm%02d/vcpu%02d", + vm_id, vcpu_id); + assert(len < sizeof HAX_VCPU_DEVFS); return name; }