clock: Fix poor snprintf() handling.

The calls to snprintf() to format /dev/phc%d use the wrong pattern.
That function always properly terminates the string with null.
However, the code passes a hard coded length of 31 to static arrays of
length 32.  While this is not a bug, there are two issues here.

First, any (improbable) future increase in the array lengths would
have to also remember to fix up the snprintf() call site as well.
Secondly, the pattern of using buf[N] and then length=N-1 is
appropriate for strncpy(), but is useless for snprintf().

Signed-off-by: Richard Cochran <richardcochran@gmail.com>
Reported-by: Petr Kulhavy <brain@jikos.cz>
master
Richard Cochran 2017-05-21 21:17:03 +02:00
parent 6558bade7c
commit 78d2a32a94
1 changed files with 2 additions and 2 deletions

@ -1053,7 +1053,7 @@ struct clock *clock_create(enum clock_type type, struct config *config,
c->utc_timescale = 1;
}
} else if (phc_index >= 0) {
snprintf(phc, 31, "/dev/ptp%d", phc_index);
snprintf(phc, sizeof(phc), "/dev/ptp%d", phc_index);
c->clkid = phc_open(phc);
if (c->clkid == CLOCK_INVALID) {
pr_err("Failed to open %s: %m", phc);
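Review bot: the declaration of phc is outside this hunk's context in clock_create(), and sizeof(phc) is only correct while phc is a true array in that scope. Please confirm it is declared as char phc[32] here, as it is in clock_switch_phc(). If it were ever changed to a pointer or passed in as a parameter, sizeof(phc) would yield the pointer size and the path would be silently truncated before phc_open(). Separately, the commit message refers to /dev/phc%d while the format string in the code is "/dev/ptp%d"; the message wording could be aligned with the code.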
@ -1589,7 +1589,7 @@ int clock_switch_phc(struct clock *c, int phc_index)
clockid_t clkid;
char phc[32];
snprintf(phc, 31, "/dev/ptp%d", phc_index);
snprintf(phc, sizeof(phc), "/dev/ptp%d", phc_index);
clkid = phc_open(phc);
if (clkid == CLOCK_INVALID) {
pr_err("Switching PHC, failed to open %s: %m", phc);
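Review bot: the return value of snprintf() at the changed line in clock_switch_phc() is still ignored, so a truncated name would go straight to phc_open(). With char phc[32] and a single %d of an int this cannot happen today (the longest result for a 32-bit int is 19 characters plus the terminator), so it is not a bug, but comparing the return value against sizeof(phc) would make truncation an explicit error if the path template or the buffer size ever changes. Note also that, unlike the clock_create() call site, no phc_index >= 0 guard is visible here, so a negative index is reported only through the "failed to open" message.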