summaryrefslogtreecommitdiff
path: root/src/core
diff options
context:
space:
mode:
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2015-01-27 08:00:11 -0500
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2015-02-01 17:21:39 -0500
commit5ffa8c818120e35c89becd938d160235c069dd12 (patch)
treee4a1ce20a003e23618bd54f49cb4acf68aed70cd /src/core
parent294929f8916ca37d89ccb1757868d22f8068c56b (diff)
Add a snprinf wrapper which checks that the buffer was big enough
If we scale our buffer to be wide enough for the format string, we should expect that the calculation was correct. char_array_0() invocations are removed, since snprintf nul-terminates the output in any case. A similar wrapper is used for strftime calls, but only in timedatectl.c.
Diffstat (limited to 'src/core')
-rw-r--r--src/core/automount.c12
-rw-r--r--src/core/job.c1
-rw-r--r--src/core/main.c7
-rw-r--r--src/core/selinux-access.c14
-rw-r--r--src/core/unit.c1
5 files changed, 14 insertions, 21 deletions
diff --git a/src/core/automount.c b/src/core/automount.c
index d47e6fa8dc..9f6bd84b21 100644
--- a/src/core/automount.c
+++ b/src/core/automount.c
@@ -449,7 +449,9 @@ int automount_send_ready(Automount *a, int status) {
static void automount_enter_waiting(Automount *a) {
_cleanup_close_ int ioctl_fd = -1;
int p[2] = { -1, -1 };
- char name[32], options[128];
+ char name[sizeof("systemd-")-1 + DECIMAL_STR_MAX(pid_t) + 1];
+ char options[sizeof("fd=,pgrp=,minproto=5,maxproto=5,direct")-1
+ + DECIMAL_STR_MAX(int) + DECIMAL_STR_MAX(gid_t) + 1];
bool mounted = false;
int r, dev_autofs_fd;
struct stat st;
@@ -477,12 +479,8 @@ static void automount_enter_waiting(Automount *a) {
goto fail;
}
- snprintf(options, sizeof(options), "fd=%i,pgrp=%u,minproto=5,maxproto=5,direct", p[1], (unsigned) getpgrp());
- char_array_0(options);
-
- snprintf(name, sizeof(name), "systemd-%u", (unsigned) getpid());
- char_array_0(name);
-
+ xsprintf(options, "fd=%i,pgrp="PID_FMT",minproto=5,maxproto=5,direct", p[1], getpgrp());
+ xsprintf(name, "systemd-"PID_FMT, getpid());
if (mount(name, a->where, "autofs", 0, options) < 0) {
r = -errno;
goto fail;
diff --git a/src/core/job.c b/src/core/job.c
index 2129773ede..4740ff18cb 100644
--- a/src/core/job.c
+++ b/src/core/job.c
@@ -764,7 +764,6 @@ static void job_log_status_message(Unit *u, JobType t, JobResult result) {
DISABLE_WARNING_FORMAT_NONLITERAL;
snprintf(buf, sizeof(buf), format, unit_description(u));
- char_array_0(buf);
REENABLE_WARNING;
if (t == JOB_START) {
diff --git a/src/core/main.c b/src/core/main.c
index 0df1f6423a..02b7c37f8d 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -1883,7 +1883,7 @@ finish:
args = newa(const char*, args_size);
if (!switch_root_init) {
- char sfd[16];
+ char sfd[DECIMAL_STR_MAX(int) + 1];
/* First try to spawn ourselves with the right
* path, and with full serialization. We do
@@ -1893,8 +1893,7 @@ finish:
assert(arg_serialization);
assert(fds);
- snprintf(sfd, sizeof(sfd), "%i", fileno(arg_serialization));
- char_array_0(sfd);
+ xsprintf(sfd, "%i", fileno(arg_serialization));
i = 0;
args[i++] = SYSTEMD_BINARY_PATH;
@@ -1995,7 +1994,7 @@ finish:
assert(command_line[pos] == NULL);
env_block = strv_copy(environ);
- snprintf(log_level, sizeof(log_level), "%d", log_get_max_level());
+ xsprintf(log_level, "%d", log_get_max_level());
switch (log_get_target()) {
case LOG_TARGET_KMSG:
diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
index f6389584f7..18888747f2 100644
--- a/src/core/selinux-access.c
+++ b/src/core/selinux-access.c
@@ -64,16 +64,16 @@ static int audit_callback(
const struct audit_info *audit = auditdata;
uid_t uid = 0, login_uid = 0;
gid_t gid = 0;
- char login_uid_buf[DECIMAL_STR_MAX(uid_t)] = "n/a";
- char uid_buf[DECIMAL_STR_MAX(uid_t)] = "n/a";
- char gid_buf[DECIMAL_STR_MAX(gid_t)] = "n/a";
+ char login_uid_buf[DECIMAL_STR_MAX(uid_t) + 1] = "n/a";
+ char uid_buf[DECIMAL_STR_MAX(uid_t) + 1] = "n/a";
+ char gid_buf[DECIMAL_STR_MAX(gid_t) + 1] = "n/a";
if (sd_bus_creds_get_audit_login_uid(audit->creds, &login_uid) >= 0)
- snprintf(login_uid_buf, sizeof(login_uid_buf), UID_FMT, login_uid);
+ xsprintf(login_uid_buf, UID_FMT, login_uid);
if (sd_bus_creds_get_euid(audit->creds, &uid) >= 0)
- snprintf(uid_buf, sizeof(uid_buf), UID_FMT, uid);
+ xsprintf(uid_buf, UID_FMT, uid);
if (sd_bus_creds_get_egid(audit->creds, &gid) >= 0)
- snprintf(gid_buf, sizeof(gid_buf), GID_FMT, gid);
+ xsprintf(gid_buf, GID_FMT, gid);
snprintf(msgbuf, msgbufsize,
"auid=%s uid=%s gid=%s%s%s%s%s%s%s",
@@ -81,8 +81,6 @@ static int audit_callback(
audit->path ? " path=\"" : "", strempty(audit->path), audit->path ? "\"" : "",
audit->cmdline ? " cmdline=\"" : "", strempty(audit->cmdline), audit->cmdline ? "\"" : "");
- msgbuf[msgbufsize-1] = 0;
-
return 0;
}
diff --git a/src/core/unit.c b/src/core/unit.c
index 23ad7c10e0..c3433b2c5d 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -1399,7 +1399,6 @@ static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
DISABLE_WARNING_FORMAT_NONLITERAL;
snprintf(buf, sizeof(buf), format, unit_description(u));
- char_array_0(buf);
REENABLE_WARNING;
mid = t == JOB_START ? SD_MESSAGE_UNIT_STARTING :