Date: Fri, 13 Jun 2025 01:21:43 GMT From: Warner Losh <imp@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: aae67a2c2b66 - main - mfiutil: Fix unsafe assumptions of snprintf(3) return value Message-ID: <202506130121.55D1LhXF086456@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by imp: URL: https://cgit.FreeBSD.org/src/commit/?id=aae67a2c2b663a6bce8fbc087ff8490336b8618f commit aae67a2c2b663a6bce8fbc087ff8490336b8618f Author: WHR <whr@rivoreo.one> AuthorDate: 2024-09-03 10:19:04 +0000 Commit: Warner Losh <imp@FreeBSD.org> CommitDate: 2025-06-13 01:21:44 +0000 mfiutil: Fix unsafe assumptions of snprintf(3) return value PR: 281160 Reviewed by: imp Pull Request: https://github.com/freebsd/freebsd-src/pull/1405 Closes: https://github.com/freebsd/freebsd-src/pull/1405 --- usr.sbin/mfiutil/mfi_bbu.c | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/usr.sbin/mfiutil/mfi_bbu.c b/usr.sbin/mfiutil/mfi_bbu.c index 9075c4d0ddd0..e97227d47c70 100644 --- a/usr.sbin/mfiutil/mfi_bbu.c +++ b/usr.sbin/mfiutil/mfi_bbu.c @@ -50,10 +50,23 @@ mfi_autolearn_period(uint32_t period, char *buf, size_t sz) tmp = buf; if (d != 0) { - tmp += snprintf(buf, sz, "%u day%s", d, d == 1 ? "" : "s"); + int fmt_len; + fmt_len = snprintf(buf, sz, "%u day%s", d, d == 1 ? "" : "s"); + if (fmt_len < 0) { + *buf = 0; + return; + } + if ((size_t)fmt_len >= sz) { + return; + } + tmp += fmt_len; sz -= tmp - buf; if (h != 0) { - tmp += snprintf(tmp, sz, ", "); + fmt_len = snprintf(tmp, sz, ", "); + if (fmt_len < 0 || (size_t)fmt_len >= sz) { + return; + } + tmp += fmt_len; sz -= 2; } }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202506130121.55D1LhXF086456>