From: Claudio Jeker Subject: libutil, use secure idiom from snprintf(3) To: tech@openbsd.org Date: Mon, 25 Aug 2025 10:44:32 +0200 make WARNINGS=yes currently complains about two files that don't do the error checking as it is shown in snprintf(3). uucplock.c was just missing the size_t case. opendev.c did not check for < 0. I adjusted to code to use the idiom from the man page which inverts the logic of the if else statement. -- :wq Claudio Index: opendev.c =================================================================== RCS file: /cvs/src/lib/libutil/opendev.c,v diff -u -p -r1.17 opendev.c --- opendev.c 26 Aug 2022 21:47:16 -0000 1.17 +++ opendev.c 25 Aug 2025 08:39:44 -0000 @@ -51,7 +51,7 @@ opendev(const char *path, int oflags, in static char namebuf[PATH_MAX]; struct dk_diskmap dm; char *slash, *prefix; - int fd; + int fd, ret; /* Initial state */ fd = -1; @@ -88,19 +88,20 @@ opendev(const char *path, int oflags, in /* * First try raw partition (for removable drives) */ - if (snprintf(namebuf, sizeof(namebuf), "%s%s%s%c", - _PATH_DEV, prefix, path, 'a' + getrawpartition()) - < sizeof(namebuf)) { - fd = open(namebuf, oflags); - } else + ret = snprintf(namebuf, sizeof(namebuf), "%s%s%s%c", + _PATH_DEV, prefix, path, 'a' + getrawpartition()); + if (ret < 0 || (size_t)ret >= sizeof(namebuf)) errno = ENAMETOOLONG; + else + fd = open(namebuf, oflags); } if (fd == -1 && errno == ENOENT) { - if (snprintf(namebuf, sizeof(namebuf), "%s%s%s", - _PATH_DEV, prefix, path) < sizeof(namebuf)) { - fd = open(namebuf, oflags); - } else + ret = snprintf(namebuf, sizeof(namebuf), "%s%s%s", + _PATH_DEV, prefix, path); + if (ret < 0 || (size_t)ret >= sizeof(namebuf)) errno = ENAMETOOLONG; + else + fd = open(namebuf, oflags); } } if (realpath) Index: uucplock.c =================================================================== RCS file: /cvs/src/lib/libutil/uucplock.c,v diff -u -p -r1.21 uucplock.c --- uucplock.c 3 Jul 2019 03:24:04 -0000 1.21 +++ uucplock.c 25 Aug 2025 08:40:19 -0000 @@ -197,7 +197,7 @@ put_pid(int fd, pid_t pid) int len; len = snprintf(buf, sizeof buf, "%10ld\n", (long)pid); - if (len < 0 || len >= sizeof buf) + if (len < 0 || (size_t)len >= sizeof buf) return 0; if (write(fd, buf, len) != len)