Correct snprintf() size argument

The size argument of snprintf(3) in glibc and of snprintf() in the Linux
kernel includes the trailing \0; the snprintf(3) man page describes it as
"write at most size bytes (including the trailing null byte ('\0'))",
i.e. snprintf() can simply be given the buffer size.

e.g. For snprintf() in module/zfs/zfs_ctldir.c, a buffer size is
MAXPATHLEN, and a caller is passing MAXPATHLEN to snprintf(), so size
should just be `path_len` to do what the caller is trying to do.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: George Melikov <mail@gmelikov.ru>
Reviewed-by: Richard Laager <rlaager@wiktel.com>
Signed-off-by: Tomohiro Kusumi <kusumi.tomohiro@gmail.com>
Closes #8692
Tomohiro Kusumi 2019-05-01 11:41:12 +09:00 committed by Brian Behlendorf
parent 77449a1ab0
commit f0ce0436aa
3 changed files with 5 additions and 6 deletions


@ -971,7 +971,7 @@ send_iterate_fs(zfs_handle_t *zhp, void *arg)
char snapname[MAXPATHLEN] = { 0 }; char snapname[MAXPATHLEN] = { 0 };
zfs_handle_t *snap; zfs_handle_t *snap;
(void) snprintf(snapname, sizeof (snapname) - 1, "%s@%s", (void) snprintf(snapname, sizeof (snapname), "%s@%s",
zhp->zfs_name, sd->tosnap); zhp->zfs_name, sd->tosnap);
if (sd->fromsnap != NULL) if (sd->fromsnap != NULL)
sd->seenfrom = B_TRUE; sd->seenfrom = B_TRUE;
@ -1524,7 +1524,7 @@ dump_filesystem(zfs_handle_t *zhp, void *arg)
zfs_handle_t *snap; zfs_handle_t *snap;
if (!sdd->seenfrom) { if (!sdd->seenfrom) {
(void) snprintf(snapname, sizeof (snapname) - 1, (void) snprintf(snapname, sizeof (snapname),
"%s@%s", zhp->zfs_name, sdd->fromsnap); "%s@%s", zhp->zfs_name, sdd->fromsnap);
snap = zfs_open(zhp->zfs_hdl, snapname, snap = zfs_open(zhp->zfs_hdl, snapname,
ZFS_TYPE_SNAPSHOT); ZFS_TYPE_SNAPSHOT);
@ -1535,7 +1535,7 @@ dump_filesystem(zfs_handle_t *zhp, void *arg)
} }
if (rv == 0) { if (rv == 0) {
(void) snprintf(snapname, sizeof (snapname) - 1, (void) snprintf(snapname, sizeof (snapname),
"%s@%s", zhp->zfs_name, sdd->tosnap); "%s@%s", zhp->zfs_name, sdd->tosnap);
snap = zfs_open(zhp->zfs_hdl, snapname, snap = zfs_open(zhp->zfs_hdl, snapname,
ZFS_TYPE_SNAPSHOT); ZFS_TYPE_SNAPSHOT);
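Review bot: The return value of snprintf() is still discarded with `(void)` at all three call sites in this file, so a dataset name plus snapshot name that does not fit in snapname is silently truncated and, in dump_filesystem, then handed to zfs_open(). A truncated name could resolve to a different, shorter-named snapshot instead of failing; name-length limits enforced elsewhere may make this unreachable, but that is not visible here. Consider checking the result, e.g. `if (snprintf(snapname, sizeof (snapname), "%s@%s", zhp->zfs_name, sdd->tosnap) >= sizeof (snapname))`, and returning an error in that case. The same applies to the unchecked snprintf() into full_path in zfsctl_snapshot_path_objset, where a truncated path would be returned to the caller as if it were complete. Both functions in this file continue outside the hunks shown.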


@ -86,7 +86,7 @@ vcmn_err(int ce, const char *fmt, va_list ap)
{ {
char msg[MAXMSGLEN]; char msg[MAXMSGLEN];
vsnprintf(msg, MAXMSGLEN - 1, fmt, ap); vsnprintf(msg, MAXMSGLEN, fmt, ap);
switch (ce) { switch (ce) {
case CE_IGNORE: case CE_IGNORE:
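Review bot: The bound in `vsnprintf(msg, MAXMSGLEN, fmt, ap);` repeats the array's declared size instead of deriving it from the buffer, unlike the `sizeof (snapname)` form used in the first file of this commit. Writing `vsnprintf(msg, sizeof (msg), fmt, ap);` keeps the limit correct if the declaration of msg ever changes. vcmn_err's body continues past the end of the hunk.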


@ -766,8 +766,7 @@ zfsctl_snapshot_path_objset(zfsvfs_t *zfsvfs, uint64_t objsetid,
break; break;
} }
memset(full_path, 0, path_len); snprintf(full_path, path_len, "%s/.zfs/snapshot/%s",
snprintf(full_path, path_len - 1, "%s/.zfs/snapshot/%s",
zfsvfs->z_vfs->vfs_mntpoint, snapname); zfsvfs->z_vfs->vfs_mntpoint, snapname);
out: out:
kmem_free(snapname, ZFS_MAX_DATASET_NAME_LEN); kmem_free(snapname, ZFS_MAX_DATASET_NAME_LEN);
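Review bot: Dropping `memset(full_path, 0, path_len);` is a behaviour change that the commit description does not mention: bytes after the terminating NUL are no longer zeroed. Callers that treat full_path as a C string are unaffected, but any caller that copies or compares all path_len bytes would now see whatever the buffer held before; the callers are not visible here. Either keep the memset or add a comment above the call such as `/* full_path is NUL-terminated but not zero-filled; treat it as a string */`. The function starts and ends outside the hunk.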