[PATCH] libdisasm: Widen STRNCATF temp buffer


Marc Gonzalez

Jul 4, 2023, 8:57:47 AM7/4/23
to google-br...@googlegroups.com, Joshua Peraza, Mark Mentovai, Ivan Penkov
The temporary buffer used in STRNCATF is too small for a few callers,
which could lead to truncated output in some situations.
---
src/third_party/libdisasm/x86_format.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/third_party/libdisasm/x86_format.c b/src/third_party/libdisasm/x86_format.c
index 0ec960dc..966ddb09 100644
--- a/src/third_party/libdisasm/x86_format.c
+++ b/src/third_party/libdisasm/x86_format.c
@@ -29,7 +29,7 @@
} while( 0 )

#define STRNCATF( buf, fmt, data, len ) do { \
- char _tmp[MAX_OP_STRING]; \
+ char _tmp[80]; \
\
snprintf( _tmp, sizeof _tmp, fmt, data ); \
STRNCAT( buf, _tmp, len ); \
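Review bot: The new buffer size on the `char _tmp[80];` line is a bare magic number with nothing in the code recording what it has to cover; the warnings quoted later in this thread show fragments of up to 65 bytes (`"%s|"` with a 63-byte `str` in format_operand_raw) and 46 bytes for the XML `string=` line, so 80 is sufficient for the callers seen here but the margin is invisible to the next maintainer. I would name it and state its origin, e.g. `enum { STRNCATF_TMP_LEN = 80 }; /* must hold the longest fragment any caller formats; sized from the -Wformat-truncation report */` followed by `char _tmp[STRNCATF_TMP_LEN]; \`. The `snprintf` return value on the following line is still discarded, so a future caller whose fragment exceeds the buffer truncates silently, and for the XML formatters that can drop an attribute's closing quote; a comment on the macro saying that fragments are not length-checked at runtime would at least make that contract explicit. The STRNCATF definition continues past the hunk (its closing `} while( 0 )` is not shown), and the `} while( 0 )` at the top of the hunk presumably closes the STRNCAT macro it relies on.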
--
2.34.1

Marc Gonzalez

Jul 4, 2023, 8:57:47 AM7/4/23
to google-br...@googlegroups.com, Joshua Peraza, Mark Mentovai, Ivan Penkov
For the record, here are the warnings produced WITHOUT the patch:

$ ./configure CFLAGS="-Og" CXXFLAGS="-Og"
$ make src/third_party/libdisasm/x86_format.o

depbase=`echo src/third_party/libdisasm/x86_format.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
gcc -DHAVE_CONFIG_H -I. -I./src -I./src -fPIC -Og -MT src/third_party/libdisasm/x86_format.o -MD -MP -MF $depbase.Tpo -c -o src/third_party/libdisasm/x86_format.o src/third_party/libdisasm/x86_format.c &&\
mv -f $depbase.Tpo $depbase.Po

src/third_party/libdisasm/x86_format.c: In function ‘format_expr’:
src/third_party/libdisasm/x86_format.c:198:40: warning: ‘%s’ directive output may be truncated writing up to 31 bytes into a region of size 26 [-Wformat-truncation=]
198 | STRNCATF (buf, "type=\"%s\" ", str, len);
| ^~~~~~~~~~~~~~ ~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:198:48: note: format string is defined here
198 | STRNCATF (buf, "type=\"%s\" ", str, len);
| ^~
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 9 and 40 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c:212:40: warning: ‘%s’ directive output may be truncated writing up to 31 bytes into a region of size 26 [-Wformat-truncation=]
212 | STRNCATF (buf, "type=\"%s\" ", str, len);
| ^~~~~~~~~~~~~~ ~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:212:48: note: format string is defined here
212 | STRNCATF (buf, "type=\"%s\" ", str, len);
| ^~
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 9 and 40 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c: In function ‘format_operand_xml’:
src/third_party/libdisasm/x86_format.c:837:33: warning: ‘%04X’ directive output truncated writing 4 bytes into a region of size 1 [-Wformat-truncation=]
837 | "\t\t<absolute_address segment=\"0x%04" PRIX16 "\"",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:837:68: note: format string is defined here
837 | "\t\t<absolute_address segment=\"0x%04" PRIX16 "\"",
| ^~~~
src/third_party/libdisasm/x86_format.c:837:33: note: directive argument in the range [0, 65535]
837 | "\t\t<absolute_address segment=\"0x%04" PRIX16 "\"",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output 37 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c:807:40: warning: ‘%s’ directive output may be truncated writing up to 31 bytes into a region of size 25 [-Wformat-truncation=]
807 | STRNCATF( buf, "value=\"%s\"/>\n", str, len );
| ^~~~~~~~~~~~~~~~~~ ~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:807:49: note: format string is defined here
807 | STRNCATF( buf, "value=\"%s\"/>\n", str, len );
| ^~
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 12 and 43 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c:796:40: warning: ‘%s’ directive output may be truncated writing up to 31 bytes into a region of size 26 [-Wformat-truncation=]
796 | STRNCATF( buf, "type=\"%s\" ", str, len );
| ^~~~~~~~~~~~~~ ~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:796:48: note: format string is defined here
796 | STRNCATF( buf, "type=\"%s\" ", str, len );
| ^~
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 9 and 40 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c: In function ‘format_operand_raw’:
src/third_party/libdisasm/x86_format.c:909:40: warning: ‘%s’ directive output may be truncated writing up to 63 bytes into a region of size 32 [-Wformat-truncation=]
909 | STRNCATF( buf, "%s|", str, len );
| ^~~~~ ~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:909:41: note: format string is defined here
909 | STRNCATF( buf, "%s|", str, len );
| ^~
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 2 and 65 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c:899:40: warning: ‘%s’ directive output may be truncated writing up to 63 bytes into a region of size 32 [-Wformat-truncation=]
899 | STRNCATF( buf, "%s:", str, len );
| ^~~~~ ~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:899:41: note: format string is defined here
899 | STRNCATF( buf, "%s:", str, len );
| ^~
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 2 and 65 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c: In function ‘format_operand_att’:
src/third_party/libdisasm/x86_format.c:659:40: warning: ‘__builtin___snprintf_chk’ output may be truncated before the last format character [-Wformat-truncation=]
659 | STRNCATF( buf, "$%s", str, len );
| ^~~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:659:44: note: format string is defined here
659 | STRNCATF( buf, "$%s", str, len );
| ^
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 2 and 33 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c: In function ‘format_insn_note’:
src/third_party/libdisasm/x86_format.c:1108:24: warning: ‘__builtin___snprintf_chk’ output may be truncated before the last format character [-Wformat-truncation=]
1108 | STRNCATF( buf, "%s|", note, len );
| ^~~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:1108:28: note: format string is defined here
1108 | STRNCATF( buf, "%s|", note, len );
| ^
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 2 and 33 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c: In function ‘format_raw_insn’:
src/third_party/libdisasm/x86_format.c:1141:24: warning: ‘|’ directive output may be truncated writing 1 byte into a region of size between 0 and 31 [-Wformat-truncation=]
1141 | STRNCATF( buf, "|%s|", insn->prefix_string , len );
| ^~~~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:1141:28: note: format string is defined here
1141 | STRNCATF( buf, "|%s|", insn->prefix_string , len );
| ^
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 3 and 34 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c: In function ‘format_xml_insn’:
src/third_party/libdisasm/x86_format.c:1181:24: warning: ‘%s’ directive output may be truncated writing up to 31 bytes into a region of size 22 [-Wformat-truncation=]
1181 | STRNCATF( buf, "\" string=\"%s\"/>\n", insn->prefix_string, len );
| ^~~~~~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:1181:37: note: format string is defined here
1181 | STRNCATF( buf, "\" string=\"%s\"/>\n", insn->prefix_string, len );
| ^~
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 15 and 46 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c: In function ‘x86_format_insn’:
src/third_party/libdisasm/x86_format.c:1410:40: warning: ‘__builtin___snprintf_chk’ output may be truncated before the last format character [-Wformat-truncation=]
1410 | STRNCATF( buf, "%s\t", str, len );
| ^~~~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:1410:45: note: format string is defined here
1410 | STRNCATF( buf, "%s\t", str, len );
| ^
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 2 and 33 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c:1417:40: warning: ‘__builtin___snprintf_chk’ output may be truncated before the last format character [-Wformat-truncation=]
1417 | STRNCATF( buf, "%s\t", str, len );
| ^~~~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:1417:45: note: format string is defined here
1417 | STRNCATF( buf, "%s\t", str, len );
| ^
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 2 and 33 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~
src/third_party/libdisasm/x86_format.c:1342:32: warning: ‘__builtin___snprintf_chk’ output may be truncated before the last format character [-Wformat-truncation=]
1342 | STRNCATF( buf, "%s\t", str, len);
| ^~~~~~
src/third_party/libdisasm/x86_format.c:34:38: note: in definition of macro ‘STRNCATF’
34 | snprintf( _tmp, sizeof _tmp, fmt, data ); \
| ^~~
src/third_party/libdisasm/x86_format.c:1342:37: note: format string is defined here
1342 | STRNCATF( buf, "%s\t", str, len);
| ^
In file included from /usr/include/stdio.h:894,
from src/third_party/libdisasm/x86_format.c:1:
/usr/include/x86_64-linux-gnu/bits/stdio2.h:71:10: note: ‘__builtin___snprintf_chk’ output between 2 and 33 bytes into a destination of size 32
71 | return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
72 | __glibc_objsize (__s), __fmt,
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
73 | __va_arg_pack ());
| ~~~~~~~~~~~~~~~~~

