From 39bd412d289428574543d36281b668d5e3fed214 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Fri, 19 Oct 2018 00:30:32 +0200 Subject: [PATCH] shared: improve length check in nm_construct_name_a() Refactor the check so that integer overflow cannot happen. Realistically, it anyway couldn't happen, because _name is nowhere near the size of G_MAXSIZE. Still, avoid such code. Also, the operands involved here are constants, so the extra check can anyway be resolved at compile-time. --- shared/nm-utils/nm-macros-internal.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/shared/nm-utils/nm-macros-internal.h b/shared/nm-utils/nm-macros-internal.h index d78f087414..6a419f788f 100644 --- a/shared/nm-utils/nm-macros-internal.h +++ b/shared/nm-utils/nm-macros-internal.h @@ -1420,7 +1420,8 @@ nm_decode_version (guint version, guint *major, guint *minor, guint *micro) char *_buf2; \ \ nm_assert (_p_val_to_free && !*_p_val_to_free); \ - if (NM_STRLEN (format) + _name_len < 200) \ + if ( NM_STRLEN (format) < 200 \ + && _name_len < (gsize) (200 - NM_STRLEN (format))) \ _buf2 = nm_sprintf_bufa (NM_STRLEN (format) + _name_len, format, _name); \ else { \ _buf2 = g_strdup_printf (format, _name); \