[PATCH] rangeset: no need to use snprintf()

Jan Beulich posted 1 patch 1 week ago
Test gitlab-ci failed
Patches applied successfully (tree, apply log)
git fetch https://gitlab.com/xen-project/patchew/xen tags/patchew/2338703b-3613-41c6-8ae6-387ba2869408@suse.com

[PATCH] rangeset: no need to use snprintf()

Posted by Jan Beulich 1 week ago
As of the conversion to safe_strcpy() years ago there has been no need
anymore to use snprintf() to prevent storing a not-nul-terminated string.

Signed-off-by: Jan Beulich <jbeulich@suse.com>

--- a/xen/common/rangeset.c
+++ b/xen/common/rangeset.c
@@ -436,14 +436,7 @@ struct rangeset *rangeset_new(
     BUG_ON(flags & ~RANGESETF_prettyprint_hex);
     r->flags = flags;
 
-    if ( name != NULL )
-    {
-        safe_strcpy(r->name, name);
-    }
-    else
-    {
-        snprintf(r->name, sizeof(r->name), "(no name)");
-    }
+    safe_strcpy(r->name, name ?: "(no name)");
 
     if ( (r->domain = d) != NULL )
     {

Re: [PATCH] rangeset: no need to use snprintf()

Posted by Julien Grall 1 week ago
Hi Jan,

On 06/04/2021 09:50, Jan Beulich wrote:
> As of the conversion to safe_strcpy() years ago there has been no need
> anymore to use snprintf() to prevent storing a not-nul-terminated string.
> 
> Signed-off-by: Jan Beulich <jbeulich@suse.com>

Acked-by: Julien Grall <jgrall@amazon.com>

> 
> --- a/xen/common/rangeset.c
> +++ b/xen/common/rangeset.c
> @@ -436,14 +436,7 @@ struct rangeset *rangeset_new(
>       BUG_ON(flags & ~RANGESETF_prettyprint_hex);
>       r->flags = flags;
>   
> -    if ( name != NULL )
> -    {
> -        safe_strcpy(r->name, name);
> -    }
> -    else
> -    {
> -        snprintf(r->name, sizeof(r->name), "(no name)");
> -    }
> +    safe_strcpy(r->name, name ?: "(no name)");

I realize the current code is not checking the return, but I wonder we 
should rather than silently truncating the string.

This is not a new issue, so it can dealt separately if we decide to 
check the return.

Cheers,

-- 
Julien Grall

Re: [PATCH] rangeset: no need to use snprintf()

Posted by Jan Beulich 1 week ago
On 06.04.2021 15:44, Julien Grall wrote:
> On 06/04/2021 09:50, Jan Beulich wrote:
>> As of the conversion to safe_strcpy() years ago there has been no need
>> anymore to use snprintf() to prevent storing a not-nul-terminated string.
>>
>> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> 
> Acked-by: Julien Grall <jgrall@amazon.com>

Thanks.

>> --- a/xen/common/rangeset.c
>> +++ b/xen/common/rangeset.c
>> @@ -436,14 +436,7 @@ struct rangeset *rangeset_new(
>>       BUG_ON(flags & ~RANGESETF_prettyprint_hex);
>>       r->flags = flags;
>>   
>> -    if ( name != NULL )
>> -    {
>> -        safe_strcpy(r->name, name);
>> -    }
>> -    else
>> -    {
>> -        snprintf(r->name, sizeof(r->name), "(no name)");
>> -    }
>> +    safe_strcpy(r->name, name ?: "(no name)");
> 
> I realize the current code is not checking the return, but I wonder we 
> should rather than silently truncating the string.

The name field is used only for display purposes, so I guess truncation
wouldn't really be a problem here.

Jan