
[pacman-dev] Fix gcc8 warnings.

Message ID 20180511175926.15410-1-eschwartz@archlinux.org
State Accepted, archived

Commit Message

Eli Schwartz May 11, 2018, 5:59 p.m. UTC
Attempting to compile pacman with gcc8 results in several warnings like:

remove.c: In function ‘unlink_file.isra.4’:
remove.c:407:34: warning: ‘.pacsave.’ directive output may be truncated writing 9 bytes into a region of size between 1 and 4096 [-Wformat-truncation=]

Fix by adding checks that error out if snprintf would produce a
truncated filename. Because the return values are checked, gcc leaves
the handling of truncation to our code instead of emitting warnings.

Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
---

This seems to solve the issue, though as mentioned in IRC it might be
nice if we only needed to check the first use of newfile -- everything
else is guaranteed to be shorter.

Also feel free to nitpick the log message wording.

 lib/libalpm/remove.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

Patch

diff --git a/lib/libalpm/remove.c b/lib/libalpm/remove.c
index 5b53ac34..78ca5be7 100644
--- a/lib/libalpm/remove.c
+++ b/lib/libalpm/remove.c
@@ -404,14 +404,22 @@  static void shift_pacsave(alpm_handle_t *handle, const char *file)
 	/* Shift pacsaves */
 	unsigned long i;
 	for(i = log_max + 1; i > 1; i--) {
-		snprintf(oldfile, PATH_MAX, "%s.pacsave.%lu", file, i-1);
-		snprintf(newfile, PATH_MAX, "%s.pacsave.%lu", file, i);
+		if(snprintf(oldfile, PATH_MAX, "%s.pacsave.%lu", file, i-1) >= PATH_MAX
+				|| snprintf(newfile, PATH_MAX, "%s.pacsave.%lu", file, i) >= PATH_MAX) {
+			_alpm_log(handle, ALPM_LOG_ERROR,
+					_("could not backup %s due to PATH_MAX overflow\n"), file);
+			goto cleanup;
+		}
 		rename(oldfile, newfile);
 	}
 
-	snprintf(oldfile, PATH_MAX, "%s.pacsave", file);
+	if(snprintf(oldfile, PATH_MAX, "%s.pacsave", file) >= PATH_MAX
+			|| snprintf(newfile, PATH_MAX, "%s.1", oldfile) >= PATH_MAX) {
+		_alpm_log(handle, ALPM_LOG_ERROR,
+				_("could not backup %s due to PATH_MAX overflow\n"), file);
+		goto cleanup;
+	}
 	if(stat(oldfile, &st) == 0) {
-		snprintf(newfile, PATH_MAX, "%s.1", oldfile);
 		rename(oldfile, newfile);
 	}
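Review bot: Both `rename(oldfile, newfile)` calls after the new checks still discard their return value, so a shift that fails for a reason such as permission denied goes unreported even though the truncation case now logs an error. In the loop a missing `oldfile` is expected, so only other failures need logging, e.g. `if(rename(oldfile, newfile) != 0 && errno != ENOENT)` followed by an `_alpm_log(handle, ALPM_LOG_ERROR, ...)` call. The hunk header shows `shift_pacsave` returns void, so after `goto cleanup` the caller cannot tell that rotation was skipped; if it then writes `file.pacsave` (not visible here), an existing backup could presumably be replaced, which is worth confirming in the caller. `snprintf` can also return a negative value on an output error, which `>= PATH_MAX` does not catch; storing the result and testing `len < 0 || len >= PATH_MAX` covers both. The function body starts and ends outside this hunk.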