Cleanup dump_bookmarks()
Assertions are meant to check assumptions, but the way that this assertion is written does not check an assumption, since it is provably always true. Removing the assertion will cause a compiler warning (made into an error by -Werror) about printing up to 512 bytes to a 256-byte buffer, so instead, we change the assertion to verify the assumption that we never do a snprintf() that is truncated to avoid overrunning the 256-byte buffer. This was caught by an audit of the codebase to look for misuse of `snprintf()` after CodeQL reported that we had misused `snprintf()`. An explanation of how snprintf() can be misused is here: https://www.redhat.com/en/blog/trouble-snprintf This particular instance did not misuse `snprintf()`, but it was caught by the audit anyway. Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu> Closes #14098
This commit is contained in:
parent
d71d693261
commit
2e08df84d8
|
@ -2858,9 +2858,11 @@ dump_bookmarks(objset_t *os, int verbosity)
|
|||
zap_cursor_advance(&zc)) {
|
||||
char osname[ZFS_MAX_DATASET_NAME_LEN];
|
||||
char buf[ZFS_MAX_DATASET_NAME_LEN];
|
||||
int len;
|
||||
dmu_objset_name(os, osname);
|
||||
VERIFY3S(0, <=, snprintf(buf, sizeof (buf), "%s#%s", osname,
|
||||
attr.za_name));
|
||||
len = snprintf(buf, sizeof (buf), "%s#%s", osname,
|
||||
attr.za_name);
|
||||
VERIFY3S(len, <, ZFS_MAX_DATASET_NAME_LEN);
|
||||
(void) dump_bookmark(dp, buf, verbosity >= 5, verbosity >= 6);
|
||||
}
|
||||
zap_cursor_fini(&zc);
|
||||
|
|
Loading…
Reference in New Issue