From: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
Date: Thu, 5 Apr 2018 01:50:51 +0000 (+0200)
Subject: tools/blktap2: fix hypothetical buffer overflow
X-Git-Tag: archive/raspbian/4.11.1-1+rpi1~1^2~66^2~226
X-Git-Url: https://dgit.raspbian.org/%22http://www.example.com/cgi/success/%22http:/www.example.com/cgi/success?a=commitdiff_plain;h=3a633c261426f06627d88bf7feca6ff87f692f16;p=xen.git

tools/blktap2: fix hypothetical buffer overflow

gcc-8 complains:

    vhd-util-read.c: In function 'vhd_util_read':
    vhd-util-read.c:50:24: error: '%lu' directive output may be truncated writing between 1 and 20 bytes into a region of size 15 [-Werror=format-truncation=]
      snprintf(nbuf, nsize, "%" PRIu64, num);
                            ^~~
    vhd-util-read.c:50:25: note: format string is defined here
      snprintf(nbuf, nsize, "%" PRIu64, num);
    vhd-util-read.c:50:24: note: directive argument in the range [0, 18446744073709551614]
      snprintf(nbuf, nsize, "%" PRIu64, num);
                            ^~~
    vhd-util-read.c:50:2: note: 'snprintf' output between 2 and 21 bytes into a destination of size 15
      snprintf(nbuf, nsize, "%" PRIu64, num);
      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    vhd-util-read.c:43:24: error: '%#lx' directive output may be truncated writing between 1 and 18 bytes into a region of size 15 [-Werror=format-truncation=]
      snprintf(nbuf, nsize, "%#" PRIx64 , num);
                            ^~~~
    vhd-util-read.c:43:25: note: format string is defined here
      snprintf(nbuf, nsize, "%#" PRIx64 , num);
    vhd-util-read.c:43:24: note: directive argument in the range [0, 18446744073709551614]
      snprintf(nbuf, nsize, "%#" PRIx64 , num);
                            ^~~~
    vhd-util-read.c:43:2: note: 'snprintf' output between 2 and 19 bytes into a destination of size 15
      snprintf(nbuf, nsize, "%#" PRIx64 , num);
      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Make the buffer larger.

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
Acked-by: Wei Liu <wei.liu2@citrix.com>
Release-Acked-by: Juergen Gross <jgross@suse.com>
---

diff --git a/tools/blktap2/vhd/lib/vhd-util-read.c b/tools/blktap2/vhd/lib/vhd-util-read.c
index ac4d833cbc..f29066169f 100644
--- a/tools/blktap2/vhd/lib/vhd-util-read.c
+++ b/tools/blktap2/vhd/lib/vhd-util-read.c
@@ -34,7 +34,7 @@
 #include "libvhd.h"
 #include "vhd-util.h"
 
-#define nsize     15
+#define nsize     24
 static char nbuf[nsize];
 
 static inline char *