From 4555b9e92e1560c60a5c1fa1f9eb489bea292eb8 Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Fri, 25 Sep 2015 20:32:34 +0100 Subject: [PATCH] hyperv-daemons: Fix fortify format warning --- debian/changelog | 1 + debian/patches/series | 1 + .../tools-hv-fix-fortify-format-warning.patch | 54 +++++++++++++++++++ 3 files changed, 56 insertions(+) create mode 100644 debian/patches/tools-hv-fix-fortify-format-warning.patch diff --git a/debian/changelog b/debian/changelog index 53554c55f..fd712fa43 100644 --- a/debian/changelog +++ b/debian/changelog @@ -9,6 +9,7 @@ linux-tools (4.2-1) UNRELEASED; urgency=medium * linux-perf: Fix installation directory for bash completions * linux-perf: Remove shebang lines from perf scripts * Set compiler flags according to dpkg-buildflags + * hyperv-daemons: Fix fortify format warning -- Ben Hutchings Fri, 25 Sep 2015 18:42:20 +0100 diff --git a/debian/patches/series b/debian/patches/series index e09d47f45..f8ec6ae43 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -13,3 +13,4 @@ lockdep-fix-soname.patch tools-perf-remove-shebangs.patch tools-lib-traceevent-use-ldflags.patch tools-lib-lockdep-use-ldflags.patch +tools-hv-fix-fortify-format-warning.patch diff --git a/debian/patches/tools-hv-fix-fortify-format-warning.patch b/debian/patches/tools-hv-fix-fortify-format-warning.patch new file mode 100644 index 000000000..a5e0ba6c1 --- /dev/null +++ b/debian/patches/tools-hv-fix-fortify-format-warning.patch @@ -0,0 +1,54 @@ +From: Ben Hutchings +Date: Fri, 25 Sep 2015 20:28:10 +0100 +Subject: tools/hv: Fix fortify format warning + +With fortify enabled, gcc warns: + +tools/hv/hv_kvp_daemon.c:705:2: error: format not a string literal and no format arguments [-Werror=format-security] + snprintf(dev_id, sizeof(dev_id), kvp_net_dir); + ^ + +kvp_net_dir is a pointer to a string literal, but lacks const +qualification. As it is never modified, it should be a const +array rather than a pointer. + +Also, while snprintf() has a bounds check, the following strcat()s +do not. Combine them into a single snprintf(). + +Signed-off-by: Ben Hutchings +--- +--- a/tools/hv/hv_kvp_daemon.c ++++ b/tools/hv/hv_kvp_daemon.c +@@ -691,10 +691,10 @@ static char *kvp_mac_to_if_name(char *ma + DIR *dir; + struct dirent *entry; + FILE *file; +- char *p, *q, *x; ++ char *p, *x; + char *if_name = NULL; + char buf[256]; +- char *kvp_net_dir = "/sys/class/net/"; ++ const char kvp_net_dir[] = "/sys/class/net/"; + char dev_id[256]; + unsigned int i; + +@@ -702,17 +702,9 @@ static char *kvp_mac_to_if_name(char *ma + if (dir == NULL) + return NULL; + +- snprintf(dev_id, sizeof(dev_id), kvp_net_dir); +- q = dev_id + strlen(kvp_net_dir); +- + while ((entry = readdir(dir)) != NULL) { +- /* +- * Set the state for the next pass. +- */ +- *q = '\0'; +- +- strcat(dev_id, entry->d_name); +- strcat(dev_id, "/address"); ++ snprintf(dev_id, sizeof(dev_id), "%s%s/address", ++ kvp_net_dir, entry->d_name); + + file = fopen(dev_id, "r"); + if (file == NULL)