From patchwork Tue Mar 13 16:15:57 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnd Bergmann X-Patchwork-Id: 131498 Delivered-To: patch@linaro.org Received: by 10.80.210.197 with SMTP id q5csp1027164edg; Tue, 13 Mar 2018 09:16:41 -0700 (PDT) X-Google-Smtp-Source: AG47ELvvOe8SyxmFgPpShW0DktAo4Wc70wted1X67lPfGk3pWwEEPmgu1Pl/4sGjpQiahdepZbqL X-Received: by 10.99.154.18 with SMTP id o18mr967177pge.344.1520957800877; Tue, 13 Mar 2018 09:16:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1520957800; cv=none; d=google.com; s=arc-20160816; b=F1KwdXJ7dqQbIwnjLu/aHOpuaKOIGU6z7w9EtdjIIyt0x0OZ2RWStYTf0oE/mQCjDF Ox4glkcTpXGxQNHv2SQKgoIxpqxoSLdYqwW6cJSWX8mlKy+iLCKHIajFemz0mQtq5btX yX3P+mRtQfeFrQbYGEYtto3+hmR37bsZXMnxai9xrgSegJRm0G74nJi05sodo9XAW2F6 gQtYvM1ZbK9k/vb0A9meNw01Jzvcbo/4neAhsA5y9+YeDMPEs4vc5ukA6IRB/XeLU45Z wRPvIYcR0Z5dpdBjtLB1yvg/5mj54gP1w6eQagG//S9j+MjRb/oMiQx4COIinCTntlce y7tg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:arc-authentication-results; bh=Ls2QXAe1KzAjlMk7Xort9StH5fSSS3UTxP65I/NTNwc=; b=ZXlE40Aa8eGrCVX7hBLgxxYnp55TevxzbttvRBZmlpJfxCNzemHDYD14IaKgUA9N/I v7Y6GM8VJ/udduRYc80mucVzNiB3aPVSqkWIKRdNnAWnkz2CPUCDvQB121XvemaoEYW7 EeJZHAt3W0xCWvQJrnQcU0x/COc2727fwzmoIEHKo0GkffOQ3x7kKxytub2p2+skf4w6 X96fvEq5Ljhy/cHlJL83SuOpGdBH6AvmbzygZ2ALyXNQ93sxoAuOEpIBDkm6nsdArURV wb3pYXJRdNMq9/UjXNNQJNLPrRr1C2aZsuVrC2qwIrl1fOazCwxbJz6hJefEu3PZ8Nz6 4sYQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i61-v6si339672plb.560.2018.03.13.09.16.40; Tue, 13 Mar 2018 09:16:40 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752824AbeCMQQi (ORCPT + 28 others); Tue, 13 Mar 2018 12:16:38 -0400 Received: from mout.kundenserver.de ([212.227.126.134]:46347 "EHLO mout.kundenserver.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752281AbeCMQQg (ORCPT ); Tue, 13 Mar 2018 12:16:36 -0400 Received: from wuerfel.lan ([95.208.111.237]) by mrelayeu.kundenserver.de (mreue004 [212.227.15.129]) with ESMTPA (Nemesis) id 0M0e7e-1eeWeo0csY-00uoHv; Tue, 13 Mar 2018 17:16:12 +0100 From: Arnd Bergmann To: "David S. Miller" , Herbert Xu Cc: Rasmus Villemoes , Arnd Bergmann , Martin Sebor , Florian Westphal , Phil Sutter , Paul Blakey , Tom Herbert , linux-kernel@vger.kernel.org Subject: [PATCH] [v2] test_rhashtable: avoid gcc-8 -Wformat-overflow warning Date: Tue, 13 Mar 2018 17:15:57 +0100 Message-Id: <20180313161606.471699-1-arnd@arndb.de> X-Mailer: git-send-email 2.9.0 In-Reply-To: References: X-Provags-ID: V03:K0:nhNJXHvXCbgs5Ywo38egMkugqqGfU5pAXmeGU+fl5UzT4YagbO+ ZQQb+twsw4YTuDM/p8EQpQWMk6gVw9yfbqUe5/77tyTPXATVkceawBQHLUnuRdcNTquNDh3 CNM9oB6mSYCk2EidBeK68JoYPjyRcag+Yz+7wS+6y3z9jZKNrkMYAWYc44s7yMn3Enb5xOY qv7RckbxDEPsBgQeXQtjw== X-UI-Out-Filterresults: notjunk:1; V01:K0:N7PRzOSjRHo=:vmg4AkGA/iJcYmQgFCMJZC tlHKe15DpF67SGEpqGL1FB85psN3JeA24NM2/nyAVeFAcuQFePezjTg7zAw0F15dwVBio7uC4 +x9AScSH7tmJdy0m552veW/qJQezq+MYFoI8szkox2Fn9kLmuwEzLuDKZ8bEC2SG0Ej9C7yL1 Bh+JjSJ0457/HJuuMxQaPvcQFx1dBSAAps6WbuygrncOEjsldttRamnWv6Hs6FvnRagiFt2mQ apAGBfvcqVXgp8FcghwCjJk2LCssh4hEXaeTGa3iqs+Jan86M8N7BNm7ZIU4VeWAFIl1RCWYG dVvNTAfkOgdiXnvz9bZSPtUofFFI1eJaw8wzYwySaroMTaK1EWUAxlZcHjHjAo3wUQAA4vTCO COfpeSXaEEWmcwxB8Ler8E80+uCL83R/s7v+l6D+DG078pXulkCjheBRvL2NqXPgNjBlcDYCg +nf77YEJ/jDDD84pH1fnNPx4DRilUec4O0KGuvRy2NAZgSHre7WISAGRfGxHk7Um21QbpS/8r L9SjQPqSYAK7AxgLl5PzZ/8HYttaNdHxt4NjB+kZxWytznJDN4Rh0biG69t4NPnnX6cIxIQiZ jliT/p7rgeNP+dnt45+zDk8crauzuHTIEgwCQEU4T6/Lu3gpY2rs6tZqUduDH8g9C90w8XYEG 3lQGYEOBAb8fM5M2MBqudYwwatoe1bMbwIgfloAI1yxpOd+x+4x6aPtPvYrFvhNnEIALv6Dkx YM+nUuQtFCasDZzLtJI1ichWKVd5J6i+BEcznA== Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org gcc-8 warns about a code pattern that is used in the newly added test_rhashtable code: lib/test_rhashtable.c: In function 'print_ht': lib/test_rhashtable.c:511:21: error: ' bucket[' directive writing 8 bytes into a region of size between 1 and 512 [-Werror=format-overflow=] sprintf(buff, "%s\nbucket[%d] -> ", buff, i); ^~~~~~~~~ lib/test_rhashtable.c:511:4: note: 'sprintf' output between 15 and 536 bytes into a destination of size 512 sprintf(buff, "%s\nbucket[%d] -> ", buff, i); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The problem here is using the same fixed-length buffer as input and output of snprintf(), which for an unbounded loop has an actual potential to overflow the buffer. The '512' byte length was apparently chosen to be "long enough" to prevent that in practice, but without any specific guarantees of being the smallest safe size. I can see three possible ways to avoid this warning: - rewrite the code to use pointer arithmetic to forward the buffer, rather than copying the buffer itself. This is a more conventional use of sprintf(), and it avoids the warning, but is not any more safe than the original code. - Rewrite the function in a safe way that avoids both the potential overflow and the warning. - Ask the gcc developers to not warn for this pattern if we consider the warning to be inappropriate. This patch implements the second of the above, using scnprintf() as Rasmus suggested. Fixes: 499ac3b60f65 ("test_rhashtable: add test case for rhltable with duplicate objects") Cc: Martin Sebor Suggested-by: Rasmus Villemoes Signed-off-by: Arnd Bergmann --- My patch is still untested, please try it out before applying. --- lib/test_rhashtable.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) -- 2.9.0 diff --git a/lib/test_rhashtable.c b/lib/test_rhashtable.c index f4000c137dbe..fa865a953176 100644 --- a/lib/test_rhashtable.c +++ b/lib/test_rhashtable.c @@ -496,6 +496,7 @@ static unsigned int __init print_ht(struct rhltable *rhlt) struct rhashtable *ht; const struct bucket_table *tbl; char buff[512] = ""; + size_t len = 0; unsigned int i, cnt = 0; ht = &rhlt->ht; @@ -508,19 +509,19 @@ static unsigned int __init print_ht(struct rhltable *rhlt) next = !rht_is_a_nulls(pos) ? rht_dereference(pos->next, ht) : NULL; if (!rht_is_a_nulls(pos)) { - sprintf(buff, "%s\nbucket[%d] -> ", buff, i); + len += scnprintf(buff + len, sizeof(buff) - len, "\nbucket[%d] -> ", i); } while (!rht_is_a_nulls(pos)) { struct rhlist_head *list = container_of(pos, struct rhlist_head, rhead); - sprintf(buff, "%s[[", buff); + len += scnprintf(buff + len, sizeof(buff) - len, "[["); do { pos = &list->rhead; list = rht_dereference(list->next, ht); p = rht_obj(ht, pos); - sprintf(buff, "%s val %d (tid=%d)%s", buff, p->value.id, p->value.tid, - list? ", " : " "); + len += scnprintf(buff + len, sizeof(buff) - len, " val %d (tid=%d)%s", + p->value.id, p->value.tid, list? ", " : " "); cnt++; } while (list); @@ -528,7 +529,8 @@ static unsigned int __init print_ht(struct rhltable *rhlt) next = !rht_is_a_nulls(pos) ? rht_dereference(pos->next, ht) : NULL; - sprintf(buff, "%s]]%s", buff, !rht_is_a_nulls(pos) ? " -> " : ""); + len += scnprintf(buff + len, sizeof(buff) - len, "]]%s", + !rht_is_a_nulls(pos) ? " -> " : ""); } } printk(KERN_ERR "\n---- ht: ----%s\n-------------\n", buff);