In the function "cfs_set_gadget_config" from
src/usb-gadget/usb-gadget-cfs-ops.c, it concatenates two strings and
stores it into a buffer(named instance) using snprintf.
In this situation, the gcc-13 compiler complains about: the length of
concatenated string can be greater than the size of the buffer, so
it should be handled.
It is already handled by checking the length of the two strings but the
compiler don't know about it.
To fix this situation, codes for checking the return value of snprintf
have been added.
Change-Id: I6195e72dd2f88bfeb72fb53b19227d2e08d03afb
Signed-off-by: SangYoun Kwak <sy.kwak@samsung.com>
/* In functionfs, the instance is used in the format "[sdb|mtp].default" instead of "default" */
if (usb_func->is_functionfs) {
function_type = USBG_F_FFS;
- snprintf(instance, sizeof(instance), "%s%c%s", usb_func->name, NAME_INSTANCE_SEP, usb_func->instance);
+ ret = snprintf(instance, sizeof(instance), "%s%c%s", usb_func->name, NAME_INSTANCE_SEP, usb_func->instance);
+ if (ret < 0)
+ return -EINVAL;
+ if (sizeof(instance) <= ret)
+ return -ENAMETOOLONG;
} else {
function_type = usbg_lookup_function_type(usb_func->name);
strncpy(instance, usb_func->instance, sizeof(instance) - 1);