summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTomohiro Kusumi <[email protected]>2019-05-01 11:41:12 +0900
committerBrian Behlendorf <[email protected]>2019-04-30 19:41:12 -0700
commitf0ce0436aa801a5b281f93a456d394fe141034f7 (patch)
treec4ecfffe9b4b2915215e2a38fc0eaa9d94df0a62
parent77449a1ab0467a6fc43211a9c19d6f60be52a737 (diff)
Correct snprintf() size argument
The size argument of snprintf(3) in glibc and snprintf() in Linux kernel includes trailing \0, as snprintf(3) man page explains it as "write at most size bytes (including the trailing null byte ('\0'))", i.e. snprintf() can just take buffer size. e.g. For snprintf() in module/zfs/zfs_ctldir.c, a buffer size is MAXPATHLEN, and a caller is passing MAXPATHLEN to snprintf(), so size should just be `path_len` to do what the caller is trying to do. Reviewed-by: Brian Behlendorf <[email protected]> Reviewed-by: George Melikov <[email protected]> Reviewed-by: Richard Laager <[email protected]> Signed-off-by: Tomohiro Kusumi <[email protected]> Closes #8692
-rw-r--r--lib/libzfs/libzfs_sendrecv.c6
-rw-r--r--module/spl/spl-err.c2
-rw-r--r--module/zfs/zfs_ctldir.c3
3 files changed, 5 insertions, 6 deletions
diff --git a/lib/libzfs/libzfs_sendrecv.c b/lib/libzfs/libzfs_sendrecv.c
index d68efd96e..2c2eca8db 100644
--- a/lib/libzfs/libzfs_sendrecv.c
+++ b/lib/libzfs/libzfs_sendrecv.c
@@ -971,7 +971,7 @@ send_iterate_fs(zfs_handle_t *zhp, void *arg)
char snapname[MAXPATHLEN] = { 0 };
zfs_handle_t *snap;
- (void) snprintf(snapname, sizeof (snapname) - 1, "%s@%s",
+ (void) snprintf(snapname, sizeof (snapname), "%s@%s",
zhp->zfs_name, sd->tosnap);
if (sd->fromsnap != NULL)
sd->seenfrom = B_TRUE;
@@ -1524,7 +1524,7 @@ dump_filesystem(zfs_handle_t *zhp, void *arg)
zfs_handle_t *snap;
if (!sdd->seenfrom) {
- (void) snprintf(snapname, sizeof (snapname) - 1,
+ (void) snprintf(snapname, sizeof (snapname),
"%s@%s", zhp->zfs_name, sdd->fromsnap);
snap = zfs_open(zhp->zfs_hdl, snapname,
ZFS_TYPE_SNAPSHOT);
@@ -1535,7 +1535,7 @@ dump_filesystem(zfs_handle_t *zhp, void *arg)
}
if (rv == 0) {
- (void) snprintf(snapname, sizeof (snapname) - 1,
+ (void) snprintf(snapname, sizeof (snapname),
"%s@%s", zhp->zfs_name, sdd->tosnap);
snap = zfs_open(zhp->zfs_hdl, snapname,
ZFS_TYPE_SNAPSHOT);
diff --git a/module/spl/spl-err.c b/module/spl/spl-err.c
index 4c8f818a9..3c0bb71c0 100644
--- a/module/spl/spl-err.c
+++ b/module/spl/spl-err.c
@@ -86,7 +86,7 @@ vcmn_err(int ce, const char *fmt, va_list ap)
{
char msg[MAXMSGLEN];
- vsnprintf(msg, MAXMSGLEN - 1, fmt, ap);
+ vsnprintf(msg, MAXMSGLEN, fmt, ap);
switch (ce) {
case CE_IGNORE:
diff --git a/module/zfs/zfs_ctldir.c b/module/zfs/zfs_ctldir.c
index 485f21b79..9ff492eb4 100644
--- a/module/zfs/zfs_ctldir.c
+++ b/module/zfs/zfs_ctldir.c
@@ -766,8 +766,7 @@ zfsctl_snapshot_path_objset(zfsvfs_t *zfsvfs, uint64_t objsetid,
break;
}
- memset(full_path, 0, path_len);
- snprintf(full_path, path_len - 1, "%s/.zfs/snapshot/%s",
+ snprintf(full_path, path_len, "%s/.zfs/snapshot/%s",
zfsvfs->z_vfs->vfs_mntpoint, snapname);
out:
kmem_free(snapname, ZFS_MAX_DATASET_NAME_LEN);