[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[dm-devel] multipath tools 0.3.2 bugs in uses of safe_sprintf()



I've run into a problem with the new tools release 0.3.2.

The new tools have introduced the macro:

#define safe_sprintf(var, format, args...)      \
       	snprintf(var, sizeof(var), format, ##args) >= sizeof(var)

This macro works OK in situations where "var" is a character array of
a fixed size, such as:

	char attr_path[FILE_NAME_SIZE];

	safe_sprintf(attr_path, "%s/block/%s/device/rev", sysfs_path, devname)

sizeof(attr_path) will be FILE_NAME_SIZE, because attr_path is an
array, and sizeof is returning the size of the array.

But safe_sprintf incorrectly fails in these situations:

	char *pathstr;

        pathstr = zalloc(PATH_STR_SIZE);
        safe_sprintf(pathstr, "%s", pp->dev_t)

In this case sizeof(pathstr) is 4, because var is a pointer.
The uses of safe_sprintf() in multipath/pgpolicies.c all fail for this reason.

I'm not sure... the only way I can think to make the macro really general is to
pass the size of the destination into the macro...

#define safe_sprintf(var, size, format, args...)      \
       	snprintf(var, size, format, ##args) >= size


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]