[igt-dev] [PATCH i-g-t v3] intel_reg: Fix truncate string in the snprintf

Rodrigo Siqueira rodrigosiqueiramelo at gmail.com
Sun Sep 2 19:49:31 UTC 2018 

Hi,

First of all, thanks a lot for your feedback. I applied and tested the
patch, and everything is fine. With this patch, IGT will be free of GCC
warnings :)

Reviewed-by: Rodrigo Siqueira <rodrigosiqueiramelo at gmail.com>

On 08/27, Arkadiusz Hiler wrote:
> From: Rodrigo Siqueira <rodrigosiqueiramelo at gmail.com>
> 
> This patch fix the following GCC warning:
> 
> ../tools/intel_reg.c: In function ‘dump_decode’:
> ../tools/intel_reg.c:203:41: warning: ‘snprintf’ output may be truncated
> before the last format character [-Wformat-truncation=]
>    snprintf(decode, sizeof(decode), "\n%s", bin);
> [..]
> ../tools/intel_reg.c:200:40: warning: ‘%s’ directive output may be
> truncated writing up to 1023 bytes into a region of size 1022
> [-Wformat-truncation=]
>     snprintf(decode, sizeof(decode), " (%s)\n%s", tmp, bin);
> [..]
> ../tools/intel_reg.c:200:4: note: ‘snprintf’ output between 5 and 2051
> bytes into a destination of size 1024
>     snprintf(decode, sizeof(decode), " (%s)\n%s", tmp, bin);
> [..]
> 
> The decode[] variable contains concatenated contents of bin[] and tmp[],
> both of which are allocated as 1024 bytes.
> 
> Allocating 1024 chars for bin[] seems like an overkill, since all it
> ever holds it the output of to_binary().
> 
> to_binary outputs fixed format:
> --------------------------------------------------------------------
>                24               16                8                0
>   1 1 0 1 1 1 1 0  1 0 1 0 1 1 0 1  1 0 1 1 1 1 1 0  1 1 1 0 1 1 1 1
> --------------------------------------------------------------------
> Which is 138 chars long (sans the new line).
> 
> We can limit the size of char bin[] to that number (-ish), and then
> slightly bump the size of decode[] to accommodate for combined sizes of
> tmp[] and bin[].
> 
> Changes since V1:
>  - Improve commit message
> Changes since V2:
>  - updated commit message
>  - limit the amount of stack abuse
> 
> Signed-off-by: Rodrigo Siqueira <rodrigosiqueiramelo at gmail.com>
> Signed-off-by: Arkadiusz Hiler <arkadiusz.hiler at intel.com>
> ---
>  tools/intel_reg.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/tools/intel_reg.c b/tools/intel_reg.c
> index ddff2794..1247b70b 100644
> --- a/tools/intel_reg.c
> +++ b/tools/intel_reg.c
> @@ -180,9 +180,9 @@ static void to_binary(char *buf, size_t buflen, uint32_t val)
>  
>  static void dump_decode(struct config *config, struct reg *reg, uint32_t val)
>  {
> -	char decode[1024];
> +	char decode[1300];
>  	char tmp[1024];
> -	char bin[1024];
> +	char bin[200];
>  
>  	if (config->binary)
>  		to_binary(bin, sizeof(bin), val);
> -- 
> 2.17.1
> 

-- 
Rodrigo Siqueira
http://siqueira.tech
Graduate Student
Department of Computer Science
University of São Paulo

More information about the igt-dev mailing list