On 07/17/2017 10:12 AM, Max Reitz wrote:
> gcc 7 complains that the sprintf() might write a null byte beyond the
> end of the tail buffer. That is wrong, but we can silence it by making
> i unsigned (it can never be negative anyway, see the if condition right
> before). For some reason, this allows gcc to suddenly accurately
> calculate the range of i so we can give the tail[] array the exact size
> it needs to have (which is 8 bytes) without gcc complaining.
>
> In addition, let us convert the sprintf() to snprintf(), because that is
> always nicer, and add an assertion about the range of the return value
> afterwards so we can see that "8 - len" will never be negative and thus
> "entry->name + MIN(j, 8 - len)" will never be out of bounds.
>
> Signed-off-by: Max Reitz <mre...@redhat.com>
> ---
>  block/vvfat.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)

Reviewed-by: Eric Blake <ebl...@redhat.com>

-- 
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org
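
The pattern the commit message describes (unsigned counter, exact-size tail[8], snprintf() plus an assertion on its return value, then a copy at MIN(j, 8 - len)), as an added example that is not the vvfat.c code or part of the original message. The function name apply_numeric_tail, the "~%u" format and the 999999 limit are assumptions made for illustration.

```c
#include <assert.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8                      /* space-padded 8.3 base name, no NUL */
#define MIN(a, b) ((a) < (b) ? (a) : (b))

/* Assumed limit: "~" plus at most 6 digits plus NUL fills tail[8] exactly. */
#define MAX_TAIL_NUM 999999u

/*
 * Overlay "~<i>" on the end of a space-padded 8-byte name.
 * Returns the tail length, or -1 if i is out of range (name untouched).
 */
static int apply_numeric_tail(char name[NAME_LEN], unsigned int i)
{
    char tail[8];
    int len, j;

    if (i > MAX_TAIL_NUM) {
        return -1;
    }

    /* snprintf never writes more than sizeof(tail) bytes, NUL included. */
    len = snprintf(tail, sizeof(tail), "~%u", i);
    /* Range check on the return value: proves NAME_LEN - len >= 1. */
    assert(len >= 2 && len <= (int)sizeof(tail) - 1);

    /* j = length of the name without trailing space padding. */
    for (j = NAME_LEN; j > 0 && name[j - 1] == ' '; j--) {
    }

    /* Offset is at most NAME_LEN - len, so the copy ends inside name[]. */
    memcpy(name + MIN(j, NAME_LEN - len), tail, (size_t)len);
    return len;
}

int main(void)
{
    char name[NAME_LEN];
    memcpy(name, "FILENAME", NAME_LEN);   /* constructed sample input */
    apply_numeric_tail(name, 1);
    printf("%.8s\n", name);
    return 0;
}
```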