diff options
| author | Frej Drejhammar <frej.drejhammar@gmail.com> | 2023-04-11 12:28:11 +0200 |
|---|---|---|
| committer | Frej Drejhammar <frej.drejhammar@gmail.com> | 2023-05-02 16:10:35 +0200 |
| commit | 9bd8dd986741cfd91ad7ef9e358601cf2ed94428 (patch) | |
| tree | 71bf13505439331291dd68bec1d1e211aeb5bcb9 | |
| parent | ba763d9dc2979d824006d96f182ebdb562191e5f (diff) | |
| download | erlang-9bd8dd986741cfd91ad7ef9e358601cf2ed94428.tar.gz | |
erl_interface: Avoid warnings about safe sprintf usage
In erl_interface there are three uses of `sprintf` to construct host
name strings. GCC 12 gives a `ā%sā directive writing up to 254 bytes
into a region of size between 1 and 256` warning at these locations,
as it isn't smart enough to see that the manual bounds check is
correct and that the write is safe.
By switching to `snprintf` and removing the manual size calculation of
the resulting string, we can both simplify the relevant code and avoid
the warnings.
| -rw-r--r-- | lib/erl_interface/src/connect/ei_connect.c | 4 | ||||
| -rw-r--r-- | lib/erl_interface/src/prog/erl_call.c | 8 |
2 files changed, 6 insertions, 6 deletions
diff --git a/lib/erl_interface/src/connect/ei_connect.c b/lib/erl_interface/src/connect/ei_connect.c index e5f1c307fd..3f2becde5a 100644 --- a/lib/erl_interface/src/connect/ei_connect.c +++ b/lib/erl_interface/src/connect/ei_connect.c @@ -1058,11 +1058,11 @@ int ei_connect_init_ussi(ei_cnode* ec, const char* this_node_name, strcpy(thishostname, hp->h_name); } } - if (strlen(this_node_name) + 1 + strlen(thishostname) > MAXNODELEN) { + if (snprintf(thisnodename, sizeof(thisnodename), "%s@%s", + this_node_name, thishostname) > sizeof(thisnodename)) { EI_TRACE_ERR0("ei_connect_init_ussi","this node name is too long"); return ERL_ERROR; } - sprintf(thisnodename, "%s@%s", this_node_name, thishostname); res = ei_connect_xinit_ussi(ec, thishostname, thisalivename, thisnodename, (struct in_addr *)*hp->h_addr_list, cookie, creation, cbs, cbs_sz, setup_context); diff --git a/lib/erl_interface/src/prog/erl_call.c b/lib/erl_interface/src/prog/erl_call.c index 4548b9f4dd..1fb72c65cb 100644 --- a/lib/erl_interface/src/prog/erl_call.c +++ b/lib/erl_interface/src/prog/erl_call.c @@ -441,11 +441,11 @@ int main(int argc, char *argv[]) memcpy(&h_ipadr.s_addr, *hp->h_addr_list, sizeof(struct in_addr)); if (h_alivename) { - if (strlen(h_alivename) + strlen(h_hostname) + 2 > sizeof(h_nodename_buf)) { + if (snprintf(h_nodename_buf, sizeof(h_nodename_buf), "%s@%s", + h_alivename, h_hostname) > sizeof(h_nodename_buf)) {; fprintf(stderr,"erl_call: hostname too long: %s\n", h_hostname); exit_free_flags_fields(1, &flags); } - sprintf(h_nodename, "%s@%s", h_alivename, h_hostname); } else { /* dynamic node name */ @@ -490,11 +490,11 @@ int main(int argc, char *argv[]) } if (flags.port == -1) { - if (strlen(flags.node) + strlen(host_name) + 2 > sizeof(nodename)) { + if (snprintf(nodename, sizeof(nodename), + "%s@%s", flags.node, host_name) > sizeof(nodename)) { fprintf(stderr,"erl_call: nodename too long: %s\n", flags.node); exit_free_flags_fields(1, &flags); } - sprintf(nodename, "%s@%s", flags.node, host_name); } /* * Try to connect. Start an Erlang system if the |