Add a snprinf wrapper which checks that the buffer was big enough

If we scale our buffer to be wide enough for the format string, we
should expect that the calculation was correct.

char_array_0() invocations are removed, since snprintf nul-terminates
the output in any case.

A similar wrapper is used for strftime calls, but only in timedatectl.c.

2 files changed, 3 insertions, 3 deletions

diff --git a/src/journal-remote/journal-remote.c b/src/journal-remote/journal-remote.c
index 244d83d363..f1c409cd94 100644
--- a/src/journal-remote/journal-remote.c
+++ b/src/journal-remote/journal-remote.c
@@ -406,7 +406,7 @@ static int add_source(RemoteServer *s, int fd, char* name, bool own_name) {
 static int add_raw_socket(RemoteServer *s, int fd) {
         int r;
         _cleanup_close_ int fd_ = fd;
-        char name[strlen("raw-socket-") + DECIMAL_STR_MAX(int)];
+        char name[sizeof("raw-socket-")-1 + DECIMAL_STR_MAX(int) + 1];
 
         assert(fd >= 0);
 
@@ -416,7 +416,7 @@ static int add_raw_socket(RemoteServer *s, int fd) {
         if (r < 0)
                 return r;
 
-        snprintf(name, sizeof(name), "raw-socket-%d", fd);
+        xsprintf(name, "raw-socket-%d", fd);
 
         r = sd_event_source_set_description(s->listen_event, name);
         if (r < 0)
diff --git a/src/journal-remote/journal-upload-journal.c b/src/journal-remote/journal-upload-journal.c
index 942320cbf6..5fd639a76a 100644
--- a/src/journal-remote/journal-upload-journal.c
+++ b/src/journal-remote/journal-upload-journal.c
@@ -104,7 +104,7 @@ static ssize_t write_entry(char *buf, size_t size, Uploader *u) {
 
                         r = snprintf(buf + pos, size - pos,
                                      "_BOOT_ID=%s\n", sd_id128_to_string(boot_id, sid));
-                        if (r + pos> size)
+                        if (r + pos > size)
                                 /* not enough space */
                                 return pos;