qemu-stable
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] net/tap-win32: Fix gcc 14 format truncation errors


From: Pierrick Bouvier
Subject: Re: [PATCH v2] net/tap-win32: Fix gcc 14 format truncation errors
Date: Wed, 23 Oct 2024 14:42:02 -0700
User-agent: Mozilla Thunderbird

On 10/8/24 13:28, Bernhard Beschow wrote:
The patch fixes the following errors generated by GCC 14.2:

../src/net/tap-win32.c:343:19: error: '%s' directive output may be truncated 
writing up to 255 bytes into a region of size 176 [-Werror=format-truncation=]
   343 |              "%s\\%s\\Connection",
       |                   ^~
   344 |              NETWORK_CONNECTIONS_KEY, enum_name);
       |                                       ~~~~~~~~~

../src/net/tap-win32.c:341:9: note: 'snprintf' output between 92 and 347 bytes 
into a destination of size 256
   341 |         snprintf(connection_string,
       |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~
   342 |              sizeof(connection_string),
       |              ~~~~~~~~~~~~~~~~~~~~~~~~~~
   343 |              "%s\\%s\\Connection",
       |              ~~~~~~~~~~~~~~~~~~~~~
   344 |              NETWORK_CONNECTIONS_KEY, enum_name);
       |              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

../src/net/tap-win32.c:242:58: error: '%s' directive output may be truncated 
writing up to 255 bytes into a region of size 178 [-Werror=format-truncation=]
   242 |         snprintf (unit_string, sizeof(unit_string), "%s\\%s",
       |                                                          ^~
   243 |                   ADAPTER_KEY, enum_name);
       |                                ~~~~~~~~~

../src/net/tap-win32.c:242:9: note: 'snprintf' output between 79 and 334 bytes 
into a destination of size 256
   242 |         snprintf (unit_string, sizeof(unit_string), "%s\\%s",
       |         ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   243 |                   ADAPTER_KEY, enum_name);
       |                   ~~~~~~~~~~~~~~~~~~~~~~~

../src/net/tap-win32.c:620:52: error: '%s' directive output may be truncated 
writing up to 255 bytes into a region of size 245 [-Werror=format-truncation=]
   620 |     snprintf (device_path, sizeof(device_path), "%s%s%s",
       |                                                    ^~
   621 |               USERMODEDEVICEDIR,
   622 |               device_guid,
       |               ~~~~~~~~~~~
../src/net/tap-win32.c:620:5: note: 'snprintf' output between 16 and 271 bytes 
into a destination of size 256
   620 |     snprintf (device_path, sizeof(device_path), "%s%s%s",
       |     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   621 |               USERMODEDEVICEDIR,
       |               ~~~~~~~~~~~~~~~~~~
   622 |               device_guid,
       |               ~~~~~~~~~~~~
   623 |               TAPSUFFIX);
       |               ~~~~~~~~~~

Signed-off-by: Bernhard Beschow <shentey@gmail.com>
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2607
Cc: qemu-stable@nongnu.org

--

This patch was just compile-tested (which fixes my issue). Testing TAP
networking under Windows apparently requires extra drivers which I don't want to
install (not my computer). So it would be nice if someone could give this patch
a test ride. Thanks!

Changes since v1:
* Use g_autofree and g_strdup_printf() rather than fixed size arrays (Peter)
---
  net/tap-win32.c | 15 ++++++---------
  1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/net/tap-win32.c b/net/tap-win32.c
index 7edbd71633..671dee970f 100644
--- a/net/tap-win32.c
+++ b/net/tap-win32.c
@@ -214,7 +214,7 @@ static int is_tap_win32_dev(const char *guid)
for (;;) {
          char enum_name[256];
-        char unit_string[256];
+        g_autofree char *unit_string = NULL;
          HKEY unit_key;
          char component_id_string[] = "ComponentId";
          char component_id[256];
@@ -239,8 +239,7 @@ static int is_tap_win32_dev(const char *guid)
              return FALSE;
          }
- snprintf (unit_string, sizeof(unit_string), "%s\\%s",
-                  ADAPTER_KEY, enum_name);
+        unit_string = g_strdup_printf("%s\\%s", ADAPTER_KEY, enum_name);
status = RegOpenKeyEx(
              HKEY_LOCAL_MACHINE,
@@ -315,7 +314,7 @@ static int get_device_guid(
      while (!stop)
      {
          char enum_name[256];
-        char connection_string[256];
+        g_autofree char *connection_string = NULL;
          HKEY connection_key;
          char name_data[256];
          DWORD name_type;
@@ -338,9 +337,7 @@ static int get_device_guid(
              return -1;
          }
- snprintf(connection_string,
-             sizeof(connection_string),
-             "%s\\%s\\Connection",
+        connection_string = g_strdup_printf("%s\\%s\\Connection",
               NETWORK_CONNECTIONS_KEY, enum_name);
status = RegOpenKeyEx(
@@ -595,7 +592,7 @@ static void tap_win32_free_buffer(tap_win32_overlapped_t 
*overlapped,
  static int tap_win32_open(tap_win32_overlapped_t **phandle,
                            const char *preferred_name)
  {
-    char device_path[256];
+    g_autofree char *device_path = NULL;
      char device_guid[0x100];
      int rc;
      HANDLE handle;
@@ -617,7 +614,7 @@ static int tap_win32_open(tap_win32_overlapped_t **phandle,
      if (rc)
          return -1;
- snprintf (device_path, sizeof(device_path), "%s%s%s",
+    device_path = g_strdup_printf("%s%s%s",
                USERMODEDEVICEDIR,
                device_guid,
                TAPSUFFIX);

Reviewed-by: Pierrick Bouvier <pierrick.bouvier@linaro.org>

I ran into this as well and reimplemented something similar, but less good than current patch (which should be favored).[1]

I can't test it neither with TAP networking, but content of patch seems
correct to me. Hope we can merge it soon (before 9.2).

[1] https://lore.kernel.org/qemu-devel/20241023183009.1041419-1-pierrick.bouvier@linaro.org/

Regards,
Pierrick



reply via email to

[Prev in Thread] Current Thread [Next in Thread]