[Bug 2769] New: String truncation warnings in fmt_scaled

bugzilla-daemon at bugzilla.mindrot.org
Sat Aug 26 21:43:31 AEST 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2769

            Bug ID: 2769
           Summary: String truncation warnings in fmt_scaled
           Product: Portable OpenSSH
           Version: -current
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: sftp
          Assignee: unassigned-bugs at mindrot.org
          Reporter: cjwatson at debian.org

Created attachment 3042
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3042&action=edit
Help compiler prove that fmt_scaled snprintf fits

fmt_scaled.c: In function ‘fmt_scaled’:
fmt_scaled.c:269:52: warning: ‘%1lld’ directive output may be truncated
writing between 1 and 17 bytes into a region of size between 0 and 5
[-Wformat-truncation=]
   (void)snprintf(result, FMT_SCALED_STRSIZE, "%lld.%1lld%c",
                                                    ^~~~~
fmt_scaled.c:269:46: note: directive argument in the range
[-9007199254740992, 9007199254740991]
   (void)snprintf(result, FMT_SCALED_STRSIZE, "%lld.%1lld%c",
                                              ^~~~~~~~~~~~~~
In file included from /usr/include/stdio.h:938:0,
                 from /usr/include/bsd/libutil.h:46,
                 from ../includes.h:141,
                 from fmt_scaled.c:41:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:64:10: note:
‘__builtin___snprintf_chk’ output between 5 and 40 bytes into a
destination of size 7
   return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        __bos (__s), __fmt, __va_arg_pack ());
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This is actually OK, I think, but the compiler can't quite prove it. 
The attached patch helps it do so by syncing up a condition with the
nearby comment and by adding an assertion.

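An added example, not part of the original report and not the attached patch (which is not shown on this page): a hypothetical helper that uses the same format string and 7-byte destination as the warning, bounds both integer arguments before the `snprintf` call so the worst-case output length is known, and still checks the return value at run time. The name `fmt_fixed1`, the macro `OUT_SIZE` and the accepted ranges are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define OUT_SIZE 7	/* destination size reported in the warning above */

/*
 * Hypothetical helper (not OpenSSH code): format "whole.tenths" plus a unit
 * character into a 7-byte buffer. Returns 0 on success, -1 if the inputs
 * are out of range or the output would not fit; out is then left empty.
 */
int
fmt_fixed1(char out[OUT_SIZE], long long whole, long long tenths, char unit)
{
	int n;

	out[0] = '\0';
	/*
	 * Widest outputs that fit are "-99.9K" and "999.9K": 6 characters
	 * plus the NUL. Rejecting everything else bounds both arguments
	 * before the snprintf call, instead of the +/-2^53 range GCC inferred.
	 */
	if (whole < -99 || whole > 999 || tenths < 0 || tenths > 9)
		return -1;

	n = snprintf(out, OUT_SIZE, "%lld.%1lld%c", whole, tenths, unit);
	/* Run-time backstop: a return >= size means the output was cut short. */
	if (n < 0 || n >= OUT_SIZE) {
		out[0] = '\0';
		return -1;
	}
	return 0;
}

int
main(void)
{
	char buf[OUT_SIZE];
	int rc;

	rc = fmt_fixed1(buf, -99, 9, 'K');	/* widest negative value that fits */
	printf("rc=%d out=\"%s\" len=%zu\n", rc, buf, strlen(buf));
	rc = fmt_fixed1(buf, 1000, 0, 'K');	/* rejected: "1000.0K" needs 8 bytes */
	printf("rc=%d out=\"%s\"\n", rc, buf);
	return 0;
}
```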