Kind of fixes coverity issue
1191758 since there was a bad check but the
reported issue does not makes sense since there is in fact a validation
before writing the string making the "len" variable never able to reach
4096 (PATH_MAX).
Signed-off-by: David Goulet <dgoulet@efficios.com>
provided_path = lttng_save_session_attr_get_output_url(attr);
if (provided_path) {
len = strlen(provided_path);
provided_path = lttng_save_session_attr_get_output_url(attr);
if (provided_path) {
len = strlen(provided_path);
+ if (len >= sizeof(config_file_path)) {
ret = LTTNG_ERR_SET_URL;
goto end;
}
ret = LTTNG_ERR_SET_URL;
goto end;
}
- ret_len = snprintf(config_file_path, PATH_MAX,
+ ret_len = snprintf(config_file_path, sizeof(config_file_path),
DEFAULT_SESSION_HOME_CONFIGPATH, home_dir);
free(home_dir);
if (ret_len < 0) {
DEFAULT_SESSION_HOME_CONFIGPATH, home_dir);
free(home_dir);
if (ret_len < 0) {
- * Check the path fits in PATH_MAX, including the / followed by trailing
- * .lttng extension and the NULL terminated string.
+ * Check the path fits in the config file path dst including the '/'
+ * followed by trailing .lttng extension and the NULL terminated string.
- if (len + session_name_len + 2 +
- sizeof(DEFAULT_SESSION_CONFIG_FILE_EXTENSION) > PATH_MAX) {
+ if ((len + session_name_len + 2 +
+ sizeof(DEFAULT_SESSION_CONFIG_FILE_EXTENSION))
+ > sizeof(config_file_path)) {
ret = LTTNG_ERR_SET_URL;
goto end;
}
ret = LTTNG_ERR_SET_URL;
goto end;
}
+ /*
+ * At this point, we know that everything fits in the buffer. Validation
+ * was done just above.
+ */
config_file_path[len++] = '/';
strncpy(config_file_path + len, session->name, session_name_len);
len += session_name_len;
config_file_path[len++] = '/';
strncpy(config_file_path + len, session->name, session_name_len);
len += session_name_len;