From bb59b4620b3a6392fe4dd210468b3ee29ef4a273 Mon Sep 17 00:00:00 2001
From: Elliott Hughes <[email protected]>
Date: Fri, 24 Sep 2021 17:51:47 -0700
Subject: [PATCH] blkid: more scanf fun.

The unbounded %[] here made me look at the kernel, where the size of a
block device name is limited to 32 bytes (including the NUL), so
although the 1024 bytes of toybuf was plenty, that meant that the
32-byte buffer for "/dev/%s" was too small because the "%s" alone could
require the entire buffer. Fix that, and simplify the code a bit by only
using toybuf for the fgets(). I didn't switch to fscanf() because the
file has two lines of headers, and calling fgets() twice to skip the
header seemed more awkward than keeping the continue in the loop.
---
 toys/other/blkid.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/toys/other/blkid.c b/toys/other/blkid.c
index e3badca7..01b5971b 100644
--- a/toys/other/blkid.c
+++ b/toys/other/blkid.c
@@ -197,12 +197,11 @@ void blkid_main(void)
   if (*toys.optargs && !FLAG(L) && !FLAG(U)) loopfiles(toys.optargs, do_blkid);
   else {
     unsigned int ma, mi, sz, fd;
-    char *name = toybuf, *buffer = toybuf+1024, device[32];
+    char name[32], device[5+32];
     FILE *fp = xfopen("/proc/partitions", "r");
 
-    while (fgets(buffer, 1024, fp)) {
-      *name = 0;
-      if (sscanf(buffer, " %u %u %u %[^\n ]", &ma, &mi, &sz, name) != 4)
+    while (fgets(toybuf, sizeof(toybuf), fp)) {
+      if (sscanf(toybuf, " %u %u %u %31s", &ma, &mi, &sz, name) != 4)
         continue;
 
       sprintf(device, "/dev/%.20s", name);
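
Review bot: the unchanged context line `sprintf(device, "/dev/%.20s", name);` at the end of this hunk still caps the name at 20 bytes, so the enlarged `device[5+32]` is never filled and any name of 21 to 31 bytes that `%31s` now accepts is silently truncated into a path that does not match the partition. Since the commit message says the goal is to fit a full 32-byte kernel name, consider `"/dev/%s"` here, which is safe now that `name` is bounded to 31 bytes plus the NUL and `device` has room for the 5-byte prefix, or `snprintf(device, sizeof(device), ...)` so the bound is tied to the buffer rather than to a precision that has to be kept in sync by hand.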
-- 
2.33.0.685.g46640cef36-goog
