Hi Michael, These changes are a bit odd. The only reason a standards-compliant snprintf() would fail to nul-terminate a buffer is if the provided buffer had length zero. Since this is not the case in any of these uses, I wonder why this revision was made? Does a SCTP downstream have a broken snprintf implementation, and if so, wouldn't it make more sense to create a standards-compliant portability shim for that platform instead of this more invasive change?
FreeBSD's snprintf(9) does not have this bug, nor does its snprintf(3). Best regards, Conrad On Mon, May 18, 2020 at 3:07 AM Michael Tuexen <tue...@freebsd.org> wrote: > > Author: tuexen > Date: Mon May 18 10:07:01 2020 > New Revision: 361209 > URL: https://svnweb.freebsd.org/changeset/base/361209 > > Log: > Handle failures of snprintf(). > > MFC after: 3 days > > Modified: > head/sys/netinet/sctp_asconf.c > head/sys/netinet/sctp_indata.c > head/sys/netinet/sctp_input.c > head/sys/netinet/sctp_output.c > head/sys/netinet/sctp_pcb.c > > Modified: head/sys/netinet/sctp_asconf.c > ============================================================================== > --- head/sys/netinet/sctp_asconf.c Mon May 18 09:46:51 2020 > (r361208) > +++ head/sys/netinet/sctp_asconf.c Mon May 18 10:07:01 2020 > (r361209) > @@ -1706,8 +1706,9 @@ sctp_handle_asconf_ack(struct mbuf *m, int offset, > char msg[SCTP_DIAG_INFO_LEN]; > > SCTPDBG(SCTP_DEBUG_ASCONF1, "handle_asconf_ack: got > unexpected next serial number! Aborting asoc!\n"); > - snprintf(msg, sizeof(msg), "Never sent serial number %8.8x", > - serial_num); > + if (snprintf(msg, sizeof(msg), "Never sent serial number > %8.8x", serial_num) < 0) { > + msg[0] = '\0'; > + } > op_err = sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, > msg); > sctp_abort_an_association(stcb->sctp_ep, stcb, op_err, > SCTP_SO_NOT_LOCKED); > *abort_no_unlock = 1; > > Modified: head/sys/netinet/sctp_indata.c > ============================================================================== > --- head/sys/netinet/sctp_indata.c Mon May 18 09:46:51 2020 > (r361208) > +++ head/sys/netinet/sctp_indata.c Mon May 18 10:07:01 2020 > (r361209) > @@ -434,22 +434,26 @@ sctp_abort_in_reasm(struct sctp_tcb *stcb, > struct mbuf *oper; > > if (stcb->asoc.idata_supported) { > - snprintf(msg, sizeof(msg), > + if (snprintf(msg, sizeof(msg), > "Reass %x,CF:%x,TSN=%8.8x,SID=%4.4x,FSN=%8.8x,MID:%8.8x", > opspot, > control->fsn_included, > chk->rec.data.tsn, > chk->rec.data.sid, > - chk->rec.data.fsn, chk->rec.data.mid); > + chk->rec.data.fsn, chk->rec.data.mid) < 0) { > + msg[0] = '\0'; > + } > } else { > - snprintf(msg, sizeof(msg), > + if (snprintf(msg, sizeof(msg), > "Reass %x,CI:%x,TSN=%8.8x,SID=%4.4x,FSN=%4.4x,SSN:%4.4x", > opspot, > control->fsn_included, > chk->rec.data.tsn, > chk->rec.data.sid, > chk->rec.data.fsn, > - (uint16_t)chk->rec.data.mid); > + (uint16_t)chk->rec.data.mid) < 0) { > + msg[0] = '\0'; > + } > } > oper = sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, msg); > sctp_m_freem(chk->data); > @@ -533,15 +537,19 @@ sctp_queue_data_to_stream(struct sctp_tcb *stcb, > */ > TAILQ_INSERT_HEAD(&strm->inqueue, control, next_instrm); > if (asoc->idata_supported) { > - snprintf(msg, sizeof(msg), "Delivered MID=%8.8x, got > TSN=%8.8x, SID=%4.4x, MID=%8.8x", > + if (snprintf(msg, sizeof(msg), "Delivered MID=%8.8x, > got TSN=%8.8x, SID=%4.4x, MID=%8.8x", > strm->last_mid_delivered, control->sinfo_tsn, > - control->sinfo_stream, control->mid); > + control->sinfo_stream, control->mid) < 0) { > + msg[0] = '\0'; > + } > } else { > - snprintf(msg, sizeof(msg), "Delivered SSN=%4.4x, got > TSN=%8.8x, SID=%4.4x, SSN=%4.4x", > + if (snprintf(msg, sizeof(msg), "Delivered SSN=%4.4x, > got TSN=%8.8x, SID=%4.4x, SSN=%4.4x", > (uint16_t)strm->last_mid_delivered, > control->sinfo_tsn, > control->sinfo_stream, > - (uint16_t)control->mid); > + (uint16_t)control->mid) < 0) { > + msg[0] = '\0'; > + } > } > op_err = sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, > msg); > stcb->sctp_ep->last_abort_code = SCTP_FROM_SCTP_INDATA + > SCTP_LOC_2; > @@ -648,9 +656,10 @@ sctp_queue_data_to_stream(struct sctp_tcb *stcb, > * to put it on the queue. > */ > if (sctp_place_control_in_stream(strm, asoc, control)) { > - snprintf(msg, sizeof(msg), > - "Queue to str MID: %u duplicate", > - control->mid); > + if (snprintf(msg, sizeof(msg), > + "Queue to str MID: %u duplicate", control->mid) < > 0) { > + msg[0] = '\0'; > + } > sctp_clean_up_control(stcb, control); > op_err = > sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, msg); > stcb->sctp_ep->last_abort_code = > SCTP_FROM_SCTP_INDATA + SCTP_LOC_3; > @@ -1881,8 +1890,9 @@ sctp_process_a_data_chunk(struct sctp_tcb *stcb, struc > * can *not* be fsn 0. XXX: This can happen in case of a > * wrap around. Ignore is for now. > */ > - snprintf(msg, sizeof(msg), "FSN zero for MID=%8.8x, but > flags=%2.2x", > - mid, chk_flags); > + if (snprintf(msg, sizeof(msg), "FSN zero for MID=%8.8x, but > flags=%2.2x", mid, chk_flags) < 0) { > + msg[0] = '\0'; > + } > goto err_out; > } > control = sctp_find_reasm_entry(&asoc->strmin[sid], mid, ordered, > asoc->idata_supported); > @@ -1893,7 +1903,9 @@ sctp_process_a_data_chunk(struct sctp_tcb *stcb, struc > if (control != NULL) { > /* We found something, does it belong? */ > if (ordered && (mid != control->mid)) { > - snprintf(msg, sizeof(msg), "Reassembly > problem (MID=%8.8x)", mid); > + if (snprintf(msg, sizeof(msg), "Reassembly > problem (MID=%8.8x)", mid) < 0) { > + msg[0] = '\0'; > + } > err_out: > op_err = > sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, msg); > stcb->sctp_ep->last_abort_code = > SCTP_FROM_SCTP_INDATA + SCTP_LOC_16; > @@ -1906,8 +1918,11 @@ sctp_process_a_data_chunk(struct sctp_tcb *stcb, struc > * We can't have a switched order with an > * unordered chunk > */ > - snprintf(msg, sizeof(msg), "All fragments of > a user message must be ordered or unordered (TSN=%8.8x)", > - tsn); > + if (snprintf(msg, sizeof(msg), > + "All fragments of a user message must be > ordered or unordered (TSN=%8.8x)", > + tsn) < 0) { > + msg[0] = '\0'; > + } > goto err_out; > } > if (!ordered && (((control->sinfo_flags >> 8) & > SCTP_DATA_UNORDERED) == 0)) { > @@ -1915,8 +1930,11 @@ sctp_process_a_data_chunk(struct sctp_tcb *stcb, struc > * We can't have a switched unordered with a > * ordered chunk > */ > - snprintf(msg, sizeof(msg), "All fragments of > a user message must be ordered or unordered (TSN=%8.8x)", > - tsn); > + if (snprintf(msg, sizeof(msg), > + "All fragments of a user message must be > ordered or unordered (TSN=%8.8x)", > + tsn) < 0) { > + msg[0] = '\0'; > + } > goto err_out; > } > } > @@ -1930,12 +1948,18 @@ sctp_process_a_data_chunk(struct sctp_tcb *stcb, struc > if (ordered || asoc->idata_supported) { > SCTPDBG(SCTP_DEBUG_XXX, "chunk_flags: 0x%x > dup detected on MID: %u\n", > chk_flags, mid); > - snprintf(msg, sizeof(msg), "Duplicate > MID=%8.8x detected.", mid); > + if (snprintf(msg, sizeof(msg), "Duplicate > MID=%8.8x detected.", mid) < 0) { > + msg[0] = '\0'; > + } > goto err_out; > } else { > if ((tsn == control->fsn_included + 1) && > (control->end_added == 0)) { > - snprintf(msg, sizeof(msg), "Illegal > message sequence, missing end for MID: %8.8x", control->fsn_included); > + if (snprintf(msg, sizeof(msg), > + "Illegal message sequence, > missing end for MID: %8.8x", > + control->fsn_included) < 0) { > + msg[0] = '\0'; > + } > goto err_out; > } else { > control = NULL; > @@ -2032,17 +2056,21 @@ sctp_process_a_data_chunk(struct sctp_tcb *stcb, struc > mid, asoc->strmin[sid].last_mid_delivered); > > if (asoc->idata_supported) { > - snprintf(msg, sizeof(msg), "Delivered MID=%8.8x, got > TSN=%8.8x, SID=%4.4x, MID=%8.8x", > + if (snprintf(msg, sizeof(msg), "Delivered MID=%8.8x, > got TSN=%8.8x, SID=%4.4x, MID=%8.8x", > asoc->strmin[sid].last_mid_delivered, > tsn, > sid, > - mid); > + mid) < 0) { > + msg[0] = '\0'; > + } > } else { > - snprintf(msg, sizeof(msg), "Delivered SSN=%4.4x, got > TSN=%8.8x, SID=%4.4x, SSN=%4.4x", > + if (snprintf(msg, sizeof(msg), "Delivered SSN=%4.4x, > got TSN=%8.8x, SID=%4.4x, SSN=%4.4x", > (uint16_t)asoc->strmin[sid].last_mid_delivered, > tsn, > sid, > - (uint16_t)mid); > + (uint16_t)mid) < 0) { > + msg[0] = '\0'; > + } > } > op_err = sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, > msg); > stcb->sctp_ep->last_abort_code = SCTP_FROM_SCTP_INDATA + > SCTP_LOC_17; > @@ -2769,7 +2797,9 @@ sctp_process_data(struct mbuf **mm, int iphlen, int *o > struct mbuf *op_err; > char msg[SCTP_DIAG_INFO_LEN]; > > - snprintf(msg, sizeof(msg), "%s", "I-DATA chunk > received when DATA was negotiated"); > + if (snprintf(msg, sizeof(msg), "%s", "I-DATA chunk > received when DATA was negotiated") < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, msg); > stcb->sctp_ep->last_abort_code = > SCTP_FROM_SCTP_INDATA + SCTP_LOC_20; > sctp_abort_an_association(inp, stcb, op_err, > SCTP_SO_NOT_LOCKED); > @@ -2780,7 +2810,9 @@ sctp_process_data(struct mbuf **mm, int iphlen, int *o > struct mbuf *op_err; > char msg[SCTP_DIAG_INFO_LEN]; > > - snprintf(msg, sizeof(msg), "%s", "DATA chunk received > when I-DATA was negotiated"); > + if (snprintf(msg, sizeof(msg), "%s", "DATA chunk > received when I-DATA was negotiated") < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, msg); > stcb->sctp_ep->last_abort_code = > SCTP_FROM_SCTP_INDATA + SCTP_LOC_21; > sctp_abort_an_association(inp, stcb, op_err, > SCTP_SO_NOT_LOCKED); > @@ -2803,9 +2835,11 @@ sctp_process_data(struct mbuf **mm, int iphlen, int *o > struct mbuf *op_err; > char msg[SCTP_DIAG_INFO_LEN]; > > - snprintf(msg, sizeof(msg), "%s chunk of > length %u", > + if (snprintf(msg, sizeof(msg), "%s chunk of > length %u", > ch->chunk_type == SCTP_DATA ? "DATA" : > "I-DATA", > - chk_length); > + chk_length) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, msg); > stcb->sctp_ep->last_abort_code = > SCTP_FROM_SCTP_INDATA + SCTP_LOC_22; > sctp_abort_an_association(inp, stcb, op_err, > SCTP_SO_NOT_LOCKED); > @@ -2874,8 +2908,10 @@ sctp_process_data(struct mbuf **mm, int iphlen, int *o > struct mbuf *op_err; > char msg[SCTP_DIAG_INFO_LEN]; > > - snprintf(msg, sizeof(msg), "DATA > chunk followed by chunk of type %2.2x", > - ch->chunk_type); > + if (snprintf(msg, sizeof(msg), "DATA > chunk followed by chunk of type %2.2x", > + ch->chunk_type) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, msg); > sctp_abort_an_association(inp, stcb, > op_err, SCTP_SO_NOT_LOCKED); > return (2); > @@ -2893,8 +2929,9 @@ sctp_process_data(struct mbuf **mm, int iphlen, int *o > struct mbuf *op_err; > char msg[SCTP_DIAG_INFO_LEN]; > > - snprintf(msg, sizeof(msg), "Chunk of > length %u", > - chk_length); > + if (snprintf(msg, sizeof(msg), "Chunk > of length %u", chk_length) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, msg); > stcb->sctp_ep->last_abort_code = > SCTP_FROM_SCTP_INDATA + SCTP_LOC_23; > sctp_abort_an_association(inp, stcb, > op_err, SCTP_SO_NOT_LOCKED); > @@ -4043,8 +4080,11 @@ sctp_express_handle_sack(struct sctp_tcb *stcb, uint32 > > *abort_now = 1; > /* XXX */ > - snprintf(msg, sizeof(msg), "Cum ack %8.8x greater or equal > than TSN %8.8x", > - cumack, send_s); > + if (snprintf(msg, sizeof(msg), > + "Cum ack %8.8x greater or equal than TSN %8.8x", > + cumack, send_s) < 0) { > + msg[0] = '\0'; > + } > op_err = sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, > msg); > stcb->sctp_ep->last_abort_code = SCTP_FROM_SCTP_INDATA + > SCTP_LOC_24; > sctp_abort_an_association(stcb->sctp_ep, stcb, op_err, > SCTP_SO_NOT_LOCKED); > @@ -4585,8 +4625,11 @@ sctp_handle_sack(struct mbuf *m, int offset_seg, int o > hopeless_peer: > *abort_now = 1; > /* XXX */ > - snprintf(msg, sizeof(msg), "Cum ack %8.8x greater or equal > than TSN %8.8x", > - cum_ack, send_s); > + if (snprintf(msg, sizeof(msg), > + "Cum ack %8.8x greater or equal than TSN %8.8x", > + cum_ack, send_s) < 0) { > + msg[0] = '\0'; > + } > op_err = sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, > msg); > stcb->sctp_ep->last_abort_code = SCTP_FROM_SCTP_INDATA + > SCTP_LOC_28; > sctp_abort_an_association(stcb->sctp_ep, stcb, op_err, > SCTP_SO_NOT_LOCKED); > @@ -5629,9 +5672,11 @@ sctp_handle_forward_tsn(struct sctp_tcb *stcb, > * give out). This must be an attacker. > */ > *abort_flag = 1; > - snprintf(msg, sizeof(msg), > + if (snprintf(msg, sizeof(msg), > "New cum ack %8.8x too high, highest TSN %8.8x", > - new_cum_tsn, asoc->highest_tsn_inside_map); > + new_cum_tsn, asoc->highest_tsn_inside_map) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_CAUSE_PROTOCOL_VIOLATION, msg); > stcb->sctp_ep->last_abort_code = > SCTP_FROM_SCTP_INDATA + SCTP_LOC_36; > sctp_abort_an_association(stcb->sctp_ep, stcb, > op_err, SCTP_SO_NOT_LOCKED); > > Modified: head/sys/netinet/sctp_input.c > ============================================================================== > --- head/sys/netinet/sctp_input.c Mon May 18 09:46:51 2020 > (r361208) > +++ head/sys/netinet/sctp_input.c Mon May 18 10:07:01 2020 > (r361209) > @@ -4692,7 +4692,9 @@ sctp_process_control(struct mbuf *m, int iphlen, int * > } > } > if (stcb == NULL) { > - snprintf(msg, sizeof(msg), "OOTB, %s:%d at %s", > __FILE__, __LINE__, __func__); > + if (snprintf(msg, sizeof(msg), "OOTB, %s:%d at %s", > __FILE__, __LINE__, __func__) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), > msg); > /* no association, so it's out of the blue... */ > @@ -4734,7 +4736,9 @@ sctp_process_control(struct mbuf *m, int iphlen, int * > if (stcb != NULL) { > SCTP_TCB_UNLOCK(stcb); > } > - snprintf(msg, sizeof(msg), "OOTB, %s:%d at > %s", __FILE__, __LINE__, __func__); > + if (snprintf(msg, sizeof(msg), "OOTB, %s:%d > at %s", __FILE__, __LINE__, __func__) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), > msg); > sctp_handle_ootb(m, iphlen, *offset, src, dst, > @@ -5671,7 +5675,9 @@ sctp_common_input_processing(struct mbuf **mm, int iph > SCTP_TCB_UNLOCK(stcb); > stcb = NULL; > SCTP_PROBE5(receive, NULL, stcb, m, stcb, sh); > - snprintf(msg, sizeof(msg), "OOTB, %s:%d at %s", > __FILE__, __LINE__, __func__); > + if (snprintf(msg, sizeof(msg), "OOTB, %s:%d at %s", > __FILE__, __LINE__, __func__) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), > msg); > sctp_handle_ootb(m, iphlen, offset, src, dst, sh, > inp, op_err, > @@ -5733,7 +5739,9 @@ sctp_common_input_processing(struct mbuf **mm, int iph > if (stcb == NULL) { > /* out of the blue DATA chunk */ > SCTP_PROBE5(receive, NULL, NULL, m, NULL, sh); > - snprintf(msg, sizeof(msg), "OOTB, %s:%d at %s", > __FILE__, __LINE__, __func__); > + if (snprintf(msg, sizeof(msg), "OOTB, %s:%d at %s", > __FILE__, __LINE__, __func__) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), > msg); > sctp_handle_ootb(m, iphlen, offset, src, dst, sh, > inp, op_err, > @@ -5799,7 +5807,9 @@ sctp_common_input_processing(struct mbuf **mm, int iph > /* > * We consider OOTB any data sent during asoc setup. > */ > - snprintf(msg, sizeof(msg), "OOTB, %s:%d at %s", > __FILE__, __LINE__, __func__); > + if (snprintf(msg, sizeof(msg), "OOTB, %s:%d at %s", > __FILE__, __LINE__, __func__) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), > msg); > sctp_handle_ootb(m, iphlen, offset, src, dst, sh, > inp, op_err, > > Modified: head/sys/netinet/sctp_output.c > ============================================================================== > --- head/sys/netinet/sctp_output.c Mon May 18 09:46:51 2020 > (r361208) > +++ head/sys/netinet/sctp_output.c Mon May 18 10:07:01 2020 > (r361209) > @@ -5581,7 +5581,9 @@ do_a_abort: > if (op_err == NULL) { > char msg[SCTP_DIAG_INFO_LEN]; > > - snprintf(msg, sizeof(msg), "%s:%d at %s", __FILE__, > __LINE__, __func__); > + if (snprintf(msg, sizeof(msg), "%s:%d at %s", > __FILE__, __LINE__, __func__) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), > msg); > } > @@ -6758,8 +6760,10 @@ sctp_sendall_iterator(struct sctp_inpcb *inp, struct s > char msg[SCTP_DIAG_INFO_LEN]; > > abort_anyway: > - snprintf(msg, sizeof(msg), > - "%s:%d at %s", __FILE__, > __LINE__, __func__); > + if (snprintf(msg, sizeof(msg), > + "%s:%d at %s", __FILE__, > __LINE__, __func__) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), > msg); > > atomic_add_int(&stcb->asoc.refcnt, 1); > @@ -9626,8 +9630,10 @@ sctp_chunk_retransmission(struct sctp_inpcb *inp, > struct mbuf *op_err; > char msg[SCTP_DIAG_INFO_LEN]; > > - snprintf(msg, sizeof(msg), "TSN %8.8x retransmitted > %d times, giving up", > - chk->rec.data.tsn, chk->snd_count); > + if (snprintf(msg, sizeof(msg), "TSN %8.8x > retransmitted %d times, giving up", > + chk->rec.data.tsn, chk->snd_count) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), > msg); > atomic_add_int(&stcb->asoc.refcnt, 1); > @@ -13610,8 +13616,10 @@ dataless_eof: > > atomic_add_int(&stcb->asoc.refcnt, -1); > free_cnt_applied = 0; > } > - snprintf(msg, sizeof(msg), > - "%s:%d at %s", __FILE__, > __LINE__, __func__); > + if (snprintf(msg, sizeof(msg), > + "%s:%d at %s", __FILE__, > __LINE__, __func__) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), > msg); > NET_EPOCH_ENTER(et); > > Modified: head/sys/netinet/sctp_pcb.c > ============================================================================== > --- head/sys/netinet/sctp_pcb.c Mon May 18 09:46:51 2020 (r361208) > +++ head/sys/netinet/sctp_pcb.c Mon May 18 10:07:01 2020 (r361209) > @@ -544,9 +544,13 @@ sctp_add_addr_to_vrf(uint32_t vrf_id, void *ifn, uint3 > atomic_add_int(&vrf->refcount, 1); > sctp_ifnp->ifn_mtu = SCTP_GATHER_MTU_FROM_IFN_INFO(ifn, > ifn_index, addr->sa_family); > if (if_name != NULL) { > - snprintf(sctp_ifnp->ifn_name, SCTP_IFNAMSIZ, "%s", > if_name); > + if (snprintf(sctp_ifnp->ifn_name, SCTP_IFNAMSIZ, > "%s", if_name) < 0) { > + sctp_ifnp->ifn_name[0] = '\0'; > + } > } else { > - snprintf(sctp_ifnp->ifn_name, SCTP_IFNAMSIZ, "%s", > "unknown"); > + if (snprintf(sctp_ifnp->ifn_name, SCTP_IFNAMSIZ, > "%s", "unknown") < 0) { > + sctp_ifnp->ifn_name[0] = '\0'; > + } > } > hash_ifn_head = &SCTP_BASE_INFO(vrf_ifn_hash)[(ifn_index & > SCTP_BASE_INFO(vrf_ifn_hashmark))]; > LIST_INIT(&sctp_ifnp->ifalist); > @@ -6221,8 +6225,10 @@ sctp_load_addresses_from_init(struct sctp_tcb *stcb, s > * in setup state we > * abort this guy > */ > - snprintf(msg, > sizeof(msg), > - "%s:%d at %s", > __FILE__, __LINE__, __func__); > + if (snprintf(msg, > sizeof(msg), > + "%s:%d at %s", > __FILE__, __LINE__, __func__) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), > msg); > > sctp_abort_an_association(stcb_tmp->sctp_ep, > @@ -6321,8 +6327,10 @@ sctp_load_addresses_from_init(struct sctp_tcb *stcb, s > * in setup state we > * abort this guy > */ > - snprintf(msg, > sizeof(msg), > - "%s:%d at %s", > __FILE__, __LINE__, __func__); > + if (snprintf(msg, > sizeof(msg), > + "%s:%d at %s", > __FILE__, __LINE__, __func__) < 0) { > + msg[0] = '\0'; > + } > op_err = > sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), > msg); > > sctp_abort_an_association(stcb_tmp->sctp_ep, _______________________________________________ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
