From patchwork Wed Mar 4 11:04:49 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 4794 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7001:a68f:b0:83c:d90d:321 with SMTP id wf15csp139615mab; Wed, 4 Mar 2026 03:05:19 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCWmZ683b/uAS1aePIjrPSqBN1vkIIbMDLBb1Wg9voh/fIkhOp6xPSdng2fWPOM8hlOBJUs3mDt7WC4=@openvpn.net X-Received: by 2002:a9d:66d0:0:b0:7d5:c394:e106 with SMTP id 46e09a7af769-7d5c394e330mr1404976a34.16.1772622319500; Wed, 04 Mar 2026 03:05:19 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1772622319; cv=none; d=google.com; s=arc-20240605; b=cWOqDxGvJV7S1fqmbnDbXJJ+WLoPYVA7RTLBXzWMT6le7fewW6gzrxW4ODq4Jf2p3+ bzYHkGGgjhckUsrh9y4rv98Dw2AXSlyW1VobP9tiiT5ho2MkE0wlIxRqdHGycScrWhAT nyuTSDcsmuv+FRBS6qX71V14FditV0FsRca1hLnjG09/Govs8DDH41DS45aPumHOnC96 Lu2u8BGswKbpswe1Pi5SJ68ufk2o1lOW058/3vyegl0Q4/UrLTnzSPC+bH+Qz8A71+9v IL97/5TROLQsQQMMiQuGWP6OWc0WOoZAqoHsb6/zwxd2hb4Ku2ss9VEXxWe2BV7aC66t YbyA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature:dkim-signature; bh=RLGyD/5QxWkQAraEdy4E5jW4YgRsJgPy0vXXktJ62Ok=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=BqIwKQPXzjl6vkpl1wUW+Sbfdc6tOFp7/LbprRTj86IpnEV2l5UeJhq2qUMj3KX4+h Sc3SSlq0N3DdzFzSA3/huSaXuARxZFk4Y1OeUXjlVSk5S33sNCCQbjzuCh/iPm8FyAEo kU+PLO0uL7tGrKhG7dB+3fpImR5GHFqq3+1iDpUP3GRbUHOZXxFeY9Z6Uknosp+mPAii FELs7O6d5DqCnO8xvEtt0K/bhfXvtUsGyDz4vdyY/aOoKJWHdlroYEpNCJ4ohp+HFDQX BFu+nTw+3PMBMHleUGOwTdyWEklDobpXMf/39vKsWX8S3yrvA8WJaFDw5ylgO7+5mQOv xpsQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=Gbn6nfLe; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=HUBTdYHq; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=KqEZNdjK; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 46e09a7af769-7d58644dd7fsi12326833a34.1.2026.03.04.03.05.19 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 04 Mar 2026 03:05:19 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=pass header.i=@lists.sourceforge.net header.s=beta header.b=Gbn6nfLe; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=HUBTdYHq; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=KqEZNdjK; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=muc.de DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.sourceforge.net; s=beta; h=Content-Transfer-Encoding:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id: Subject:MIME-Version:References:In-Reply-To:Message-ID:Date:To:From:Sender: Reply-To:Cc:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=RLGyD/5QxWkQAraEdy4E5jW4YgRsJgPy0vXXktJ62Ok=; b=Gbn6nfLeI6cPsv5ra8u+yEKEHg btDOLjEt1NNuzs1+vilgnISXIZec4VW8LZRUtJN2Feqk70Zw3OKWswnHCfm2DzjBEBjzMc4c8Ku/L WI6eo0io4vEoiGOPU0pBI9jbeB9aTnWuNkP7vSe7U4AZl0l2imIZm3jJfkLmAp8jdR8E=; Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1vxk2Q-0005HB-Ko; Wed, 04 Mar 2026 11:05:10 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1vxk2O-0005H3-RQ for openvpn-devel@lists.sourceforge.net; Wed, 04 Mar 2026 11:05:08 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=ScIYXuo9Fx31x3gnpBKN9Qs/daWpwp9fXQkaEXCb7/I=; b=HUBTdYHqEESvpDVwgqozvEel0m P+7UcJFUUnFcl+FBFHIxOdLiiJRLc4u8u9pUmxJsTuTjhr4HLnmY9FLoHbgaNUBjTRvTaqrL0rHCq Hq+c/KQoDb3mpn5XvbKzZJGdA1gsrxW6H92rh3M0Y9Uvun01BCvh+plBEha5SwcyQ1gY=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=ScIYXuo9Fx31x3gnpBKN9Qs/daWpwp9fXQkaEXCb7/I=; b=KqEZNdjKr5TEtyQnZJQm+ianLq RLqGrNEs2biN5A01avh+QsYpXInXobSA+1MINIsXuByDtuvi5FgZrrs240RcgfXmxpJecGgBP4zdg pgiL3b6pEvReDqiSM8o5vQiUTRoDgruMOOGRDJtgqTFS5Q9+iiPhEN0bo4HuT5DfwCEc=; Received: from [193.149.48.129] (helo=blue.greenie.muc.de) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1vxk2N-0003pt-Jn for openvpn-devel@lists.sourceforge.net; Wed, 04 Mar 2026 11:05:08 +0000 Received: from blue.greenie.muc.de (localhost [127.0.0.1]) by blue.greenie.muc.de (8.18.1/8.18.1) with ESMTP id 624B4uPX015875 for ; Wed, 4 Mar 2026 12:04:56 +0100 Received: (from gert@localhost) by blue.greenie.muc.de (8.18.1/8.18.1/Submit) id 624B4tcr015874 for openvpn-devel@lists.sourceforge.net; Wed, 4 Mar 2026 12:04:55 +0100 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Wed, 4 Mar 2026 12:04:49 +0100 Message-ID: <20260304110455.15859-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.52.0 In-Reply-To: References: MIME-Version: 1.0 X-Spam-Score: 1.3 (+) X-Spam-Report: Spam detection software, running on the system "sfi-spamd-2.hosts.colo.sdot.me", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Frank Lichtenheld This reintroduces a function that converts the result of snprintf to a boolean since the check is always the same but annoyingly verbose. And it gets worse when you add -Wsign-compare. Content analysis details: (1.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 1.3 RDNS_NONE Delivered to internal network by a host with no rDNS X-Headers-End: 1vxk2N-0003pt-Jn Subject: [Openvpn-devel] [PATCH v6] buffer: Add checked_snprintf function and use it in the code X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1858729221149743656?= X-GMAIL-MSGID: =?utf-8?q?1858729221149743656?= From: Frank Lichtenheld This reintroduces a function that converts the result of snprintf to a boolean since the check is always the same but annoyingly verbose. And it gets worse when you add -Wsign-compare. So in preparation of introducing -Wsign-compare wrap this check in the function. This somewhat reverts the removal of openvpn_snprintf. But note that that was originally introduced to work around the broken snprintf of Windows. So this is not exactly the same. For this reason I also classified this as a buffer function and not a compat function. Change-Id: Ia3477b8ee7a637c15aad7f285144280595cda5d5 Signed-off-by: Frank Lichtenheld Acked-by: Gert Doering Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1489 --- This change was reviewed on Gerrit and approved by at least one developer. I request to merge it to master. Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1489 This mail reflects revision 6 of this Change. Acked-by according to Gerrit (reflected above): Gert Doering diff --git a/src/openvpn/buffer.c b/src/openvpn/buffer.c index 12a8ff9..8304fb7 100644 --- a/src/openvpn/buffer.c +++ b/src/openvpn/buffer.c @@ -1134,6 +1134,17 @@ } } +bool +checked_snprintf(char *str, size_t size, const char *format, ...) +{ + va_list arglist; + va_start(arglist, format); + ASSERT(size < INT_MAX); + int len = vsnprintf(str, size, format, arglist); + va_end(arglist); + return (len >= 0 && len < (ssize_t)size); +} + #ifdef VERIFY_ALIGNMENT void valign4(const struct buffer *buf, const char *file, const int line) diff --git a/src/openvpn/buffer.h b/src/openvpn/buffer.h index 7502050..86df1a5 100644 --- a/src/openvpn/buffer.h +++ b/src/openvpn/buffer.h @@ -971,6 +971,29 @@ return 0 == strncmp(str, prefix, strlen(prefix)); } +/** + * Like snprintf() but returns an boolean. + * + * To check the return value of snprintf() one needs to + * do multiple comparisons of the \p size parameter + * against the return value. Doesn't get prettier by + * them being different types with different signedness + * and size. + * + * So this function allows to wrap all of that into one + * boolean return value. + * + * @return true if snprintf() was successful and not truncated. + */ +bool checked_snprintf(char *str, size_t size, const char *format, ...) +#ifdef __GNUC__ +#if __USE_MINGW_ANSI_STDIO + __attribute__((format(gnu_printf, 3, 4))) +#else + __attribute__((format(__printf__, 3, 4))) +#endif +#endif + ; /* * Verify that a pointer is correctly aligned diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index e8931d7..7aaea3d 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -1014,7 +1014,7 @@ { char prefix[256]; - if (snprintf(prefix, sizeof(prefix), "%s:%d", func, line) >= sizeof(prefix)) + if (!checked_snprintf(prefix, sizeof(prefix), "%s:%d", func, line)) { return mbed_log_err(flags, errval, func); } @@ -1104,11 +1104,11 @@ char header[1000 + 1] = { 0 }; char footer[1000 + 1] = { 0 }; - if (snprintf(header, sizeof(header), "-----BEGIN %s-----\n", name) >= sizeof(header)) + if (!checked_snprintf(header, sizeof(header), "-----BEGIN %s-----\n", name)) { return false; } - if (snprintf(footer, sizeof(footer), "-----END %s-----\n", name) >= sizeof(footer)) + if (!checked_snprintf(footer, sizeof(footer), "-----END %s-----\n", name)) { return false; } @@ -1142,11 +1142,11 @@ char header[1000 + 1] = { 0 }; char footer[1000 + 1] = { 0 }; - if (snprintf(header, sizeof(header), "-----BEGIN %s-----", name) >= sizeof(header)) + if (!checked_snprintf(header, sizeof(header), "-----BEGIN %s-----", name)) { return false; } - if (snprintf(footer, sizeof(footer), "-----END %s-----", name) >= sizeof(footer)) + if (!checked_snprintf(footer, sizeof(footer), "-----END %s-----", name)) { return false; } diff --git a/src/openvpn/crypto_mbedtls_legacy.c b/src/openvpn/crypto_mbedtls_legacy.c index 00fe542..237564c 100644 --- a/src/openvpn/crypto_mbedtls_legacy.c +++ b/src/openvpn/crypto_mbedtls_legacy.c @@ -130,7 +130,7 @@ { char prefix[256]; - if (snprintf(prefix, sizeof(prefix), "%s:%d", func, line) >= sizeof(prefix)) + if (!checked_snprintf(prefix, sizeof(prefix), "%s:%d", func, line)) { return mbed_log_err(flags, errval, func); } @@ -246,11 +246,11 @@ char header[1000 + 1] = { 0 }; char footer[1000 + 1] = { 0 }; - if (snprintf(header, sizeof(header), "-----BEGIN %s-----\n", name) >= sizeof(header)) + if (!checked_snprintf(header, sizeof(header), "-----BEGIN %s-----\n", name)) { return false; } - if (snprintf(footer, sizeof(footer), "-----END %s-----\n", name) >= sizeof(footer)) + if (!checked_snprintf(footer, sizeof(footer), "-----END %s-----\n", name)) { return false; } @@ -283,11 +283,11 @@ char header[1000 + 1] = { 0 }; char footer[1000 + 1] = { 0 }; - if (snprintf(header, sizeof(header), "-----BEGIN %s-----", name) >= sizeof(header)) + if (!checked_snprintf(header, sizeof(header), "-----BEGIN %s-----", name)) { return false; } - if (snprintf(footer, sizeof(footer), "-----END %s-----", name) >= sizeof(footer)) + if (!checked_snprintf(footer, sizeof(footer), "-----END %s-----", name)) { return false; } diff --git a/src/openvpn/dns.c b/src/openvpn/dns.c index f4f7779..3a294ec 100644 --- a/src/openvpn/dns.c +++ b/src/openvpn/dns.c @@ -485,13 +485,11 @@ if (j < 0) { - const int ret = snprintf(name, sizeof(name), format, i); - name_ok = (ret > 0 && ret < sizeof(name)); + name_ok = checked_snprintf(name, sizeof(name), format, i); } else { - const int ret = snprintf(name, sizeof(name), format, i, j); - name_ok = (ret > 0 && ret < sizeof(name)); + name_ok = checked_snprintf(name, sizeof(name), format, i, j); } if (!name_ok) diff --git a/src/openvpn/env_set.c b/src/openvpn/env_set.c index 99ac45c..d992097 100644 --- a/src/openvpn/env_set.c +++ b/src/openvpn/env_set.c @@ -334,7 +334,7 @@ strcpy(tmpname, name); while (NULL != env_set_get(es, tmpname) && counter < 1000) { - ASSERT(snprintf(tmpname, tmpname_len, "%s_%u", name, counter) < tmpname_len); + ASSERT(checked_snprintf(tmpname, tmpname_len, "%s_%u", name, counter)); counter++; } if (counter < 1000) diff --git a/src/openvpn/platform.c b/src/openvpn/platform.c index 4f0eddf..3a6b272 100644 --- a/src/openvpn/platform.c +++ b/src/openvpn/platform.c @@ -550,9 +550,8 @@ { ++attempts; - const int ret = snprintf(fname, sizeof(fname), fname_fmt, max_prefix_len, prefix, - (unsigned long)get_random(), (unsigned long)get_random()); - if (ret < 0 || ret >= sizeof(fname)) + if (!checked_snprintf(fname, sizeof(fname), fname_fmt, max_prefix_len, prefix, + (unsigned long)get_random(), (unsigned long)get_random())) { msg(M_WARN, "ERROR: temporary filename too long"); return NULL; diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c index b355827..9f3ec93 100644 --- a/src/openvpn/proxy.c +++ b/src/openvpn/proxy.c @@ -771,11 +771,10 @@ } /* send digest response */ - int sret = snprintf( - buf, sizeof(buf), - "Proxy-Authorization: Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", qop=%s, nc=%s, cnonce=\"%s\", response=\"%s\"%s", - username, realm, nonce, uri, qop, nonce_count, cnonce, response, opaque_kv); - if (sret >= sizeof(buf)) + if (!checked_snprintf( + buf, sizeof(buf), + "Proxy-Authorization: Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", qop=%s, nc=%s, cnonce=\"%s\", response=\"%s\"%s", + username, realm, nonce, uri, qop, nonce_count, cnonce, response, opaque_kv)) { goto error; } diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c index 5cb5912..19f3d54 100644 --- a/src/openvpn/socks.c +++ b/src/openvpn/socks.c @@ -119,10 +119,9 @@ goto cleanup; } - int sret = snprintf(to_send, sizeof(to_send), "\x01%c%s%c%s", (int)strlen(creds.username), - creds.username, (int)strlen(creds.password), creds.password); - ASSERT(sret >= 0 && sret <= sizeof(to_send)); - + ASSERT(checked_snprintf(to_send, sizeof(to_send), "\x01%c%s%c%s", + (int)strlen(creds.username), creds.username, + (int)strlen(creds.password), creds.password)); if (!proxy_send(sd, to_send, strlen(to_send))) { goto cleanup; diff --git a/src/openvpn/ssl_ncp.c b/src/openvpn/ssl_ncp.c index 20fd2f0..686f823 100644 --- a/src/openvpn/ssl_ncp.c +++ b/src/openvpn/ssl_ncp.c @@ -198,7 +198,7 @@ size_t newlen = strlen(o->ncp_ciphers) + 1 + strlen(ciphername) + 1; char *ncp_ciphers = gc_malloc(newlen, false, &o->gc); - ASSERT(snprintf(ncp_ciphers, newlen, "%s:%s", o->ncp_ciphers, ciphername) < newlen); + ASSERT(checked_snprintf(ncp_ciphers, newlen, "%s:%s", o->ncp_ciphers, ciphername)); o->ncp_ciphers = ncp_ciphers; } diff --git a/src/openvpn/ssl_verify.c b/src/openvpn/ssl_verify.c index 0b02a2f..9e30d25 100644 --- a/src/openvpn/ssl_verify.c +++ b/src/openvpn/ssl_verify.c @@ -548,7 +548,7 @@ goto cleanup; } - if (snprintf(fn, sizeof(fn), "%s%c%s", crl_dir, PATH_SEPARATOR, serial) >= sizeof(fn)) + if (!checked_snprintf(fn, sizeof(fn), "%s%c%s", crl_dir, PATH_SEPARATOR, serial)) { msg(D_HANDSHAKE, "VERIFY CRL: filename overflow"); goto cleanup; diff --git a/src/openvpn/ssl_verify_mbedtls.c b/src/openvpn/ssl_verify_mbedtls.c index adeaa13..ad5479c 100644 --- a/src/openvpn/ssl_verify_mbedtls.c +++ b/src/openvpn/ssl_verify_mbedtls.c @@ -93,9 +93,7 @@ ret = mbedtls_x509_crt_verify_info(errstr, sizeof(errstr) - 1, "", *flags); if (ret <= 0 - && snprintf(errstr, sizeof(errstr), "Could not retrieve error string, flags=%" PRIx32, - *flags) - >= sizeof(errstr)) + && !checked_snprintf(errstr, sizeof(errstr), "Could not retrieve error string, flags=%" PRIx32, *flags)) { errstr[0] = '\0'; } diff --git a/src/openvpn/tun.c b/src/openvpn/tun.c index 3f9ee5d..ecebff7 100644 --- a/src/openvpn/tun.c +++ b/src/openvpn/tun.c @@ -3558,9 +3558,7 @@ msg(M_FATAL, "Error enumerating registry subkeys of key: %s", ADAPTER_KEY); } - int ret = snprintf(unit_string, sizeof(unit_string), "%s\\%s", ADAPTER_KEY, enum_name); - - if (ret < 0 || ret >= sizeof(unit_string)) + if (!checked_snprintf(unit_string, sizeof(unit_string), "%s\\%s", ADAPTER_KEY, enum_name)) { msg(M_WARN, "Error constructing unit string for %s", enum_name); continue; @@ -3673,10 +3671,9 @@ msg(M_FATAL, "Error enumerating registry subkeys of key: %s", NETWORK_CONNECTIONS_KEY); } - int ret = snprintf(connection_string, sizeof(connection_string), "%s\\%s\\Connection", - NETWORK_CONNECTIONS_KEY, enum_name); - - if (ret < 0 || ret >= sizeof(connection_string)) + if (!checked_snprintf(connection_string, sizeof(connection_string), + "%s\\%s\\Connection", + NETWORK_CONNECTIONS_KEY, enum_name)) { msg(M_WARN, "Error constructing connection string for %s", enum_name); continue; diff --git a/src/openvpn/win32.c b/src/openvpn/win32.c index b938d7b..ac449fd 100644 --- a/src/openvpn/win32.c +++ b/src/openvpn/win32.c @@ -881,9 +881,8 @@ char force_path[256]; char *sysroot = get_win_sys_path(); - if (snprintf(force_path, sizeof(force_path), "PATH=%s\\System32;%s;%s\\System32\\Wbem", - sysroot, sysroot, sysroot) - >= sizeof(force_path)) + if (!checked_snprintf(force_path, sizeof(force_path), "PATH=%s\\System32;%s;%s\\System32\\Wbem", + sysroot, sysroot, sysroot)) { msg(M_WARN, "env_block: default path truncated to %s", force_path); } diff --git a/tests/unit_tests/openvpn/test_buffer.c b/tests/unit_tests/openvpn/test_buffer.c index 16949bc..d04f40a 100644 --- a/tests/unit_tests/openvpn/test_buffer.c +++ b/tests/unit_tests/openvpn/test_buffer.c @@ -424,6 +424,16 @@ #endif } +static void +test_checked_snprintf(void **state) +{ + char buf[10]; + assert_true(checked_snprintf(buf, sizeof(buf), "%s", "Hello")); + assert_true(checked_snprintf(buf, sizeof(buf), "%s", "Hello Foo")); + assert_false(checked_snprintf(buf, sizeof(buf), "%s", "Hello Foo!")); + assert_false(checked_snprintf(buf, sizeof(buf), "%s", "Hello World!")); +} + void test_buffer_chomp(void **state) { @@ -528,6 +538,7 @@ cmocka_unit_test(test_character_class), cmocka_unit_test(test_character_string_mod_buf), cmocka_unit_test(test_snprintf), + cmocka_unit_test(test_checked_snprintf), cmocka_unit_test(test_buffer_chomp), cmocka_unit_test(test_buffer_parse) };