[LTP] [PATCH v3 04/16] API/cgroup: Implement tst_cg_load_config
Richard Palethorpe
rpalethorpe@suse.de
Thu Mar 17 08:07:49 CET 2022
Hello Luke,
>
> Thank you for pointing all these things out. I forgot about all the shenanigans that can happen when you don't sanity check string stuff :)
>
> A few solutions to creating the scanff format are:
> 1) pre-processor trick to concatenate defines into a string, something like this
> #define _tostr(str) #str
> #define tostr(str) _tostr(str)
> #define CONFIG_FORMAT "%" tostr(CTRL_NAME_MAX) "s\t%d\t%d\t%" tostr(PATH_MAX) "s\t%d\t%d\t%" tostr(NAME_MAX) "s"
>
> 2) just hardcode the lengths to avoid all of this nonsense above
I would have done 2 in this case, but you figured out 1, so feel free to
use that. In fact that would be a nice addition to LTP's standard macros
(but with TST_ prefix).
Just note that the maximum conversion length doesn't include
the null character. scanf will write the null character after the
maximum conversion length. Also I'm not sure the field length comes
after '%' or that you use 's' with a length; possibly it should be
'%c63' to scan a 64 byte null terminated string. However please double
check the man page.
>
> 3) just create the format at runtime
IIRC this is considered unsafe and will result in warnings and errors.
>
> I'm more or less asking what you think is best to avoid sending out all of the patches and then discussing this / if there is a better way.
>
--
Thank you,
Richard.
More information about the ltp
mailing list