From e68eedbbdc98fa13449756b7fee3bed689d76493 Mon Sep 17 00:00:00 2001
From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Wed, 2 Nov 2016 22:02:46 -0400
Subject: Revert some uses of xsprintf

This reverts some changes introduced in d054f0a4d4.
xsprintf should be used in cases where we calculated the right buffer
size by hand (using DECIMAL_STRING_MAX and such), and never in cases where
we are printing externally specified strings of arbitrary length.

Fixes #4534.
---
 src/udev/collect/collect.c     |  6 +++---
 src/udev/udev-builtin-net_id.c | 11 ++++++-----
 2 files changed, 9 insertions(+), 8 deletions(-)

(limited to 'src/udev')

diff --git a/src/udev/collect/collect.c b/src/udev/collect/collect.c
index 349585b634..0e973cd521 100644
--- a/src/udev/collect/collect.c
+++ b/src/udev/collect/collect.c
@@ -85,16 +85,16 @@ static void usage(void)
  */
 static int prepare(char *dir, char *filename)
 {
-        char buf[512];
+        char buf[PATH_MAX];
         int r, fd;
 
         r = mkdir(dir, 0700);
         if (r < 0 && errno != EEXIST)
                 return -errno;
 
-        xsprintf(buf, "%s/%s", dir, filename);
+        snprintf(buf, sizeof buf, "%s/%s", dir, filename);
 
-        fd = open(buf,O_RDWR|O_CREAT|O_CLOEXEC, S_IRUSR|S_IWUSR);
+        fd = open(buf, O_RDWR|O_CREAT|O_CLOEXEC, S_IRUSR|S_IWUSR);
         if (fd < 0)
                 fprintf(stderr, "Cannot open %s: %m\n", buf);
 
diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c
index 0eb2500dd2..fe9d6f4482 100644
--- a/src/udev/udev-builtin-net_id.c
+++ b/src/udev/udev-builtin-net_id.c
@@ -211,7 +211,7 @@ static int dev_pci_slot(struct udev_device *dev, struct netnames *names) {
         char *s;
         const char *attr, *port_name;
         struct udev_device *pci = NULL;
-        char slots[256], str[256];
+        char slots[PATH_MAX];
         _cleanup_closedir_ DIR *dir = NULL;
         struct dirent *dent;
         int hotplug_slot = 0, err = 0;
@@ -248,7 +248,8 @@ static int dev_pci_slot(struct udev_device *dev, struct netnames *names) {
                 err = -ENOENT;
                 goto out;
         }
-        xsprintf(slots, "%s/slots", udev_device_get_syspath(pci));
+
+        snprintf(slots, sizeof slots, "%s/slots", udev_device_get_syspath(pci));
         dir = opendir(slots);
         if (!dir) {
                 err = -errno;
@@ -257,8 +258,7 @@ static int dev_pci_slot(struct udev_device *dev, struct netnames *names) {
 
         for (dent = readdir(dir); dent != NULL; dent = readdir(dir)) {
                 int i;
-                char *rest;
-                char *address;
+                char *rest, *address, str[PATH_MAX];
 
                 if (dent->d_name[0] == '.')
                         continue;
@@ -267,7 +267,8 @@ static int dev_pci_slot(struct udev_device *dev, struct netnames *names) {
                         continue;
                 if (i < 1)
                         continue;
-                xsprintf(str, "%s/%s/address", slots, dent->d_name);
+
+                snprintf(str, sizeof str, "%s/%s/address", slots, dent->d_name);
                 if (read_one_line_file(str, &address) >= 0) {
                         /* match slot address with device by stripping the function */
                         if (strneq(address, udev_device_get_sysname(names->pcidev), strlen(address)))
-- 
cgit v1.2.3-54-g00ecf


From e02c6135602bef7de81d7736d5c0959d45d5085c Mon Sep 17 00:00:00 2001
From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Wed, 2 Nov 2016 22:05:48 -0400
Subject: udev/udev-watch: calculate the real buffer sizes needed

---
 src/udev/udev-node.c  | 4 ++--
 src/udev/udev-watch.c | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

(limited to 'src/udev')

diff --git a/src/udev/udev-node.c b/src/udev/udev-node.c
index 5d2997fd8f..43004bc0bc 100644
--- a/src/udev/udev-node.c
+++ b/src/udev/udev-node.c
@@ -337,7 +337,7 @@ out:
 void udev_node_add(struct udev_device *dev, bool apply,
                    mode_t mode, uid_t uid, gid_t gid,
                    struct udev_list *seclabel_list) {
-        char filename[UTIL_PATH_SIZE];
+        char filename[sizeof("/dev/block/:") + 2*DECIMAL_STR_MAX(unsigned)];
         struct udev_list_entry *list_entry;
 
         log_debug("handling device node '%s', devnum=%s, mode=%#o, uid="UID_FMT", gid="GID_FMT,
@@ -360,7 +360,7 @@ void udev_node_add(struct udev_device *dev, bool apply,
 
 void udev_node_remove(struct udev_device *dev) {
         struct udev_list_entry *list_entry;
-        char filename[UTIL_PATH_SIZE];
+        char filename[sizeof("/dev/block/:") + 2*DECIMAL_STR_MAX(unsigned)];
 
         /* remove/update symlinks, remove symlinks from name index */
         udev_list_entry_foreach(list_entry, udev_device_get_devlinks_list_entry(dev))
diff --git a/src/udev/udev-watch.c b/src/udev/udev-watch.c
index 9ce5e975de..bc9096ed0c 100644
--- a/src/udev/udev-watch.c
+++ b/src/udev/udev-watch.c
@@ -89,7 +89,7 @@ unlink:
 }
 
 void udev_watch_begin(struct udev *udev, struct udev_device *dev) {
-        char filename[UTIL_PATH_SIZE];
+        char filename[sizeof("/run/udev/watch/") + DECIMAL_STR_MAX(int)];
         int wd;
         int r;
 
@@ -116,7 +116,7 @@ void udev_watch_begin(struct udev *udev, struct udev_device *dev) {
 
 void udev_watch_end(struct udev *udev, struct udev_device *dev) {
         int wd;
-        char filename[UTIL_PATH_SIZE];
+        char filename[sizeof("/run/udev/watch/") + DECIMAL_STR_MAX(int)];
 
         if (inotify_fd < 0)
                 return;
@@ -135,7 +135,7 @@ void udev_watch_end(struct udev *udev, struct udev_device *dev) {
 }
 
 struct udev_device *udev_watch_lookup(struct udev *udev, int wd) {
-        char filename[UTIL_PATH_SIZE];
+        char filename[sizeof("/run/udev/watch/") + DECIMAL_STR_MAX(int)];
         char device[UTIL_NAME_SIZE];
         ssize_t len;
 
-- 
cgit v1.2.3-54-g00ecf