Hi, On Wed, Oct 5, 2022 at 3:23 PM Alexander Aring <[email protected]> wrote: > > While debugging I came across a rare off by one when the snprintf() > filled string _exactly_ matched the size (with '\0') and we return the > bytes written without \0. We will then write a "\n\0" pattern at the > end but when the string exactly matched there is missing byte in the > calculation of the "\n\0" pattern because the return value only reduced > the size by one. To fix that we substract -1 from the return value of > snprintf() to have at the end two bytes for the "\n\0" pattern. If we > would hit the case that the buffer exactly matched we truncate the > string by one byte because we need to fit '\n' and '\0' into the buffer. > --- > v2: > - remove sob. > - only really do the truncate of one byte when the buffer would exact > match which is the given size and the returned size + 1 ('\0'). > > dlm_controld/logging.c | 10 +++++++--- > 1 file changed, 7 insertions(+), 3 deletions(-) > > diff --git a/dlm_controld/logging.c b/dlm_controld/logging.c > index 2c57138c..bfd7d274 100644 > --- a/dlm_controld/logging.c > +++ b/dlm_controld/logging.c > @@ -181,10 +181,14 @@ void log_level(char *name_in, uint32_t level_in, const > char *fmt, ...) > ret = vsnprintf(log_str + pos, len - pos, fmt, ap); > va_end(ap); > > - if (ret >= len - pos) > + if (ret >= len - pos) { > pos = len - 1; > - else > - pos += ret; > + } else { > + if (ret + 1 == len - pos) > + pos += ret - 1;
I will drop this patch, this case is being handled in the parent if branch and sets len-1 which truncates the string... - Alex
