Module Name: src
Committed By: martin
Date: Mon Feb 11 20:40:18 UTC 2019
Modified Files:
src/usr.sbin/sysinst: bsddisklabel.c defs.h partman.c util.c
Log Message:
Fix a few off by one (in both directions) in previous, pointed out by mrg.
Avoid open coding snprintf return value checking and introduce a
helper functions that always ensures string termination instead,
suggested by christos.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/usr.sbin/sysinst/bsddisklabel.c
cvs rdiff -u -r1.31 -r1.32 src/usr.sbin/sysinst/defs.h
cvs rdiff -u -r1.28 -r1.29 src/usr.sbin/sysinst/partman.c
cvs rdiff -u -r1.19 -r1.20 src/usr.sbin/sysinst/util.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/usr.sbin/sysinst/bsddisklabel.c
diff -u src/usr.sbin/sysinst/bsddisklabel.c:1.6 src/usr.sbin/sysinst/bsddisklabel.c:1.7
--- src/usr.sbin/sysinst/bsddisklabel.c:1.6 Tue Nov 20 19:02:07 2018
+++ src/usr.sbin/sysinst/bsddisklabel.c Mon Feb 11 20:40:18 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: bsddisklabel.c,v 1.6 2018/11/20 19:02:07 martin Exp $ */
+/* $NetBSD: bsddisklabel.c,v 1.7 2019/02/11 20:40:18 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -224,7 +224,7 @@ set_ptn_size(menudesc *m, void *arg)
if (size == 0)
size = p->dflt_size;
size /= sizemult;
- snprintf(dflt, sizeof dflt, "%" PRIi64 "%s",
+ trunc_snprintf(dflt, sizeof dflt, "%" PRIi64 "%s",
size, p == pi->pool_part ? "+" : "");
for (;;) {
Index: src/usr.sbin/sysinst/defs.h
diff -u src/usr.sbin/sysinst/defs.h:1.31 src/usr.sbin/sysinst/defs.h:1.32
--- src/usr.sbin/sysinst/defs.h:1.31 Sun Jan 27 04:15:11 2019
+++ src/usr.sbin/sysinst/defs.h Mon Feb 11 20:40:18 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: defs.h,v 1.31 2019/01/27 04:15:11 oster Exp $ */
+/* $NetBSD: defs.h,v 1.32 2019/02/11 20:40:18 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -561,6 +561,9 @@ void do_reinstall_sets(void);
void restore_etc(void);
/* from util.c */
+/* like snprintf, but always terminates the output */
+void trunc_snprintf(char * restrict str, size_t size,
+ const char * restrict format, ...) __printflike(3, 4);
char* str_arg_subst(const char *, size_t, const char **);
void msg_display_subst(const char *, size_t, ...);
int ask_yesno(const char *);
Index: src/usr.sbin/sysinst/partman.c
diff -u src/usr.sbin/sysinst/partman.c:1.28 src/usr.sbin/sysinst/partman.c:1.29
--- src/usr.sbin/sysinst/partman.c:1.28 Mon Feb 11 20:03:28 2019
+++ src/usr.sbin/sysinst/partman.c Mon Feb 11 20:40:18 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: partman.c,v 1.28 2019/02/11 20:03:28 martin Exp $ */
+/* $NetBSD: partman.c,v 1.29 2019/02/11 20:40:18 martin Exp $ */
/*
* Copyright 2012 Eugene Lozovoy
@@ -255,23 +255,19 @@ pm_edit(int menu_entries_count, void (*m
static void
pm_getdevstring(char *buf, int len, pm_devs_t *pm_cur, int num)
{
- int i, r;
+ int i;
if (pm_cur->isspecial)
snprintf(buf, len, "%s", pm_cur->diskdev);
else if (num + 'a' < 'a' || num + 'a' > 'a' + MAXPARTITIONS) {
- r = snprintf(buf, len-1, "%sd", pm_cur->diskdev);
- if (r >= len)
- buf[len] = 0;
+ trunc_snprintf(buf, len, "%sd", pm_cur->diskdev);
} else if (pm_cur->gpt) {
for (i = 0; i < MAX_WEDGES; i++)
if (wedges[i].pm == pm_cur &&
wedges[i].ptn == num)
snprintf(buf, len, "dk%d", i); // XXX: xxx
} else {
- r = snprintf(buf, len-1, "%s%c", pm_cur->diskdev, num + 'a');
- if (r >= len)
- buf[len] = 0;
+ trunc_snprintf(buf, len, "%s%c", pm_cur->diskdev, num + 'a');
}
return;
@@ -1898,7 +1894,7 @@ pm_gpt_commit(void)
int
pm_getrefdev(pm_devs_t *pm_cur)
{
- int i, ii, dev_num, num_devs, num_devs_s, r;
+ int i, ii, dev_num, num_devs, num_devs_s;
char dev[SSTRSIZE]; dev[0] = '\0';
pm_cur->refdev = NULL;
@@ -1907,15 +1903,11 @@ pm_getrefdev(pm_devs_t *pm_cur)
for (i = 0; i < MAX_CGD; i++)
if (cgds[i].blocked && cgds[i].node == dev_num) {
pm_cur->refdev = &cgds[i];
- r = snprintf(pm_cur->diskdev_descr,
- sizeof(pm_cur->diskdev_descr)-1,
+ trunc_snprintf(pm_cur->diskdev_descr,
+ sizeof(pm_cur->diskdev_descr),
"%s (%s, %s-%d)",
pm_cur->diskdev_descr, cgds[i].pm_name,
cgds[i].enc_type, cgds[i].key_size);
- if (r >= (int)sizeof(pm_cur->diskdev_descr))
- pm_cur->diskdev_descr[
- sizeof(pm_cur->diskdev_descr)-1]
- = 0;
break;
}
} else if (! strncmp(pm_cur->diskdev, "vnd", 3)) {
@@ -1925,15 +1917,11 @@ pm_getrefdev(pm_devs_t *pm_cur)
pm_cur->refdev = &vnds[i];
pm_getdevstring(dev, SSTRSIZE, vnds[i].pm,
vnds[i].pm_part);
- r = snprintf(pm_cur->diskdev_descr,
- sizeof(pm_cur->diskdev_descr)-1,
+ trunc_snprintf(pm_cur->diskdev_descr,
+ sizeof(pm_cur->diskdev_descr),
"%s (%s, %s)",
pm_cur->diskdev_descr, dev,
vnds[i].filepath);
- if (r >= (int)sizeof(pm_cur->diskdev_descr))
- pm_cur->diskdev_descr[
- sizeof(pm_cur->diskdev_descr)-1]
- = 0;
break;
}
} else if (! strncmp(pm_cur->diskdev, "raid", 4)) {
@@ -1949,14 +1937,10 @@ pm_getrefdev(pm_devs_t *pm_cur)
else
num_devs++;
}
- r = snprintf(pm_cur->diskdev_descr,
- sizeof(pm_cur->diskdev_descr)-1,
+ trunc_snprintf(pm_cur->diskdev_descr,
+ sizeof(pm_cur->diskdev_descr),
"%s (lvl %d, %d disks, %d spare)", pm_cur->diskdev_descr,
raids[i].raid_level, num_devs, num_devs_s);
- if (r >= (int)sizeof(pm_cur->diskdev_descr))
- pm_cur->diskdev_descr[
- sizeof(pm_cur->diskdev_descr)-1]
- = 0;
break;
}
} else
@@ -2201,16 +2185,14 @@ pm_mountall(void)
static int
pm_mount(pm_devs_t *pm_cur, int part_num)
{
- int error = 0, r;
+ int error = 0;
char buf[MOUNTLEN];
if (strlen(pm_cur->bsdlabel[part_num].mounted) > 0)
return 0;
- r = snprintf(buf, sizeof(buf)-1, "/tmp/%s%c", pm_cur->diskdev,
+ trunc_snprintf(buf, sizeof(buf), "/tmp/%s%c", pm_cur->diskdev,
part_num + 'a');
- if (r >= (int)sizeof(buf))
- buf[sizeof(buf)-1] = 0;
if (! dir_exists_p(buf))
run_program(RUN_DISPLAY | RUN_PROGRESS, "/bin/mkdir -p %s", buf);
if (pm_cur->bsdlabel[part_num].pi_flags & PIF_MOUNT &&
@@ -2505,7 +2487,7 @@ pm_menufmt(menudesc *m, int opt, void *a
{
const char *dev_status = "";
char buf[STRSIZE];
- int r, part_num = ((part_entry_t *)arg)[opt].dev_num;
+ int part_num = ((part_entry_t *)arg)[opt].dev_num;
pm_devs_t *pm_cur = ((part_entry_t *)arg)[opt].dev_ptr;
switch (((part_entry_t *)arg)[opt].type) {
@@ -2557,11 +2539,9 @@ pm_menufmt(menudesc *m, int opt, void *a
pm_cur->bsdlabel[part_num].pi_size / (MEG / pm_cur->sectorsize));
break;
case PM_SPEC_T:
- r = snprintf(buf, sizeof(buf)-1, "%s: %s",
+ trunc_snprintf(buf, sizeof(buf), "%s: %s",
pm_cur->diskdev_descr,
pm_cur->bsdlabel[0].pi_mount);
- if (r >= (int)sizeof(buf))
- buf[sizeof(buf)-1] = 0;
wprintw(m->mw, "%-33.32s %-22.21s %11luM", buf,
getfslabelname(pm_cur->bsdlabel[0].pi_fstype),
pm_cur->bsdlabel[0].pi_size / (MEG / pm_cur->sectorsize));
Index: src/usr.sbin/sysinst/util.c
diff -u src/usr.sbin/sysinst/util.c:1.19 src/usr.sbin/sysinst/util.c:1.20
--- src/usr.sbin/sysinst/util.c:1.19 Sun Jan 27 02:08:51 2019
+++ src/usr.sbin/sysinst/util.c Mon Feb 11 20:40:18 2019
@@ -1,4 +1,4 @@
-/* $NetBSD: util.c,v 1.19 2019/01/27 02:08:51 pgoyette Exp $ */
+/* $NetBSD: util.c,v 1.20 2019/02/11 20:40:18 martin Exp $ */
/*
* Copyright 1997 Piermont Information Systems Inc.
@@ -1882,3 +1882,20 @@ msg_display_subst(const char *master, si
free(args);
}
+/*
+ * like snprintf, but always terminates the output
+ */
+void
+trunc_snprintf(char * restrict str, size_t size,
+ const char * restrict format, ...)
+{
+ int r;
+ va_list ap;
+
+ va_start(ap, format);
+ r = vsnprintf(str, size, format, ap);
+ va_end(ap);
+
+ if (r >= (int)size)
+ str[size-1] = 0;
+}
