ref: 8379c7f20b9346a7cd69808c58661bfc2e0d39f5
parent: 6b12fb5f80c2cbdc77f4a6bdb236469986921502
author: Roberto E. Vargas Caballero <k0ga@shike2.com>
date: Sat Oct 30 08:27:10 EDT 2021
driver/posix: Revert check in snprintf() Commit 0e40771ad1 removed the check for negative values in snprintf(), and that check is actually needed in you follow the standard.
--- a/src/cmd/cc/posix/cc.c
+++ b/src/cmd/cc/posix/cc.c
@@ -183,12 +183,12 @@
case CC2:
fmt = cc12fmt(tool);
n = snprintf(t->bin, sizeof(t->bin), fmt, t->cmd, arch, abi);
- if (n >= sizeof(t->bin))
+ if (n < 0 || n >= sizeof(t->bin))
die("cc: target tool name is too long");case QBE:
n = snprintf(t->cmd, sizeof(t->cmd),
"%s/libexec/scc/%s", prefix, t->bin);
- if (n >= sizeof(t->cmd))
+ if (n < 0 || n >= sizeof(t->cmd))
die("cc: target tool path is too long");break;
case LD:
@@ -242,7 +242,7 @@
newsz = pathln + 1 + strlen(type) + 1;
new = xmalloc(newsz);
n = snprintf(new, newsz, "%.*s%c%s", (int)pathln, path, sep, type);
- if (n >= newsz)
+ if (n < 0 || n >= newsz)
die("cc: wrong output filename"); if (sep == '/') {if ((tmpfd = mkstemp(new)) < 0)