From patchwork Mon Jul 17 15:12:07 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Max Reitz X-Patchwork-Id: 9845455 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 7B4A560386 for ; Mon, 17 Jul 2017 15:13:23 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6DFAB284D1 for ; Mon, 17 Jul 2017 15:13:23 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6269B284E3; Mon, 17 Jul 2017 15:13:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 04C47284D1 for ; Mon, 17 Jul 2017 15:13:23 +0000 (UTC) Received: from localhost ([::1]:50980 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dX7i6-0001VE-7a for patchwork-qemu-devel@patchwork.kernel.org; Mon, 17 Jul 2017 11:13:22 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:43969) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dX7h2-0001PP-Qg for qemu-devel@nongnu.org; Mon, 17 Jul 2017 11:12:17 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dX7h1-0003pU-V0 for qemu-devel@nongnu.org; Mon, 17 Jul 2017 11:12:16 -0400 Received: from mx1.redhat.com ([209.132.183.28]:49412) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1dX7gx-0003mT-Ad; Mon, 17 Jul 2017 11:12:11 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 3CB7285547; Mon, 17 Jul 2017 15:12:10 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 3CB7285547 Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx04.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=mreitz@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 3CB7285547 Received: from localhost (unknown [10.40.205.4]) by smtp.corp.redhat.com (Postfix) with ESMTPS id A68B65D9C1; Mon, 17 Jul 2017 15:12:09 +0000 (UTC) From: Max Reitz To: qemu-block@nongnu.org Date: Mon, 17 Jul 2017 17:12:07 +0200 Message-Id: <20170717151207.24919-1-mreitz@redhat.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Mon, 17 Jul 2017 15:12:10 +0000 (UTC) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 209.132.183.28 Subject: [Qemu-devel] [PATCH] block/vvfat: Fix compiler warning with gcc 7 X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Kevin Wolf , =?UTF-8?q?Herv=C3=A9=20Poussineau?= , qemu-devel@nongnu.org, Max Reitz Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: "Qemu-devel" X-Virus-Scanned: ClamAV using ClamSMTP gcc 7 complains that the sprintf() might write a null byte beyond the end of the tail buffer. That is wrong, but we can silence it by making i unsigned (it can never be negative anyway, see the if condition right before). For some reason, this allows gcc to suddenly accurately calculate the range of i so we can give the tail[] array the exact size it needs to have (which is 8 bytes) without gcc complaining. In addition, let us convert the sprintf() to snprintf(), because that is always nicer, and add an assertion about the range of the return value afterwards so we can see that "8 - len" will never be negative and thus "entry->name + MIN(j, 8 - len)" will never be out of bounds. Signed-off-by: Max Reitz Reviewed-by: Eric Blake --- block/vvfat.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/block/vvfat.c b/block/vvfat.c index 6b11596..a9e207f 100644 --- a/block/vvfat.c +++ b/block/vvfat.c @@ -549,7 +549,7 @@ static direntry_t *create_short_filename(BDRVVVFATState *s, const gchar *p, *last_dot = NULL; gunichar c; bool lossy_conversion = false; - char tail[11]; + char tail[8]; if (!entry) { return NULL; @@ -614,7 +614,8 @@ static direntry_t *create_short_filename(BDRVVVFATState *s, for (i = lossy_conversion ? 1 : 0; i < 999999; i++) { direntry_t *entry1; if (i > 0) { - int len = sprintf(tail, "~%d", i); + int len = snprintf(tail, sizeof(tail), "~%u", (unsigned)i); + assert(len <= 7); memcpy(entry->name + MIN(j, 8 - len), tail, len); } for (entry1 = array_get(&(s->directory), directory_start);