prepare-root: Properly check return value of snprintf() #3568

Open
ukleinek wants to merge 1 commit into ostreedev:main from ukleinek:snprintf


ukleinek commented Feb 6, 2026

When the target buffer is too small to hold the resulting string, a value larger than or equal to the buffer's size is returned. (In pre-C99 versions, snprintf returned -1 in this case, too.)

So, to ensure that no truncated paths are used, adapt the error checking accordingly.

The other usages of snprintf either use a correct check or none at all.

github-actions bot added the area/prepare-root (Issue relates to ostree-prepare-root) label Feb 6, 2026
openshift-ci bot commented Feb 6, 2026

Hi @ukleinek. Thanks for your PR.

I'm waiting for an ostreedev member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

gemini-code-assist bot left a comment

Code Review

This pull request correctly addresses a potential bug in snprintf usage by adding a check for truncation, in addition to the existing error check. This prevents the use of potentially truncated paths, improving the robustness and security of the ostree-prepare-root-static tool. The changes are correct and well-implemented. I've added a few suggestions to further improve the error handling by using errx instead of err to avoid misleading error messages on truncation, and to make the signed/unsigned comparison explicit.

I also noticed a similar incorrect snprintf check in src/switchroot/ostree-prepare-root.c at line 121. It would be great to address that as well in a follow-up to ensure consistency.
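
The two failure cases discussed in this PR (a negative return and a return greater than or equal to the buffer size), as an added example that is not code from the pull request or from ostree. The names `checked_snprintf`, `join_path` and `fmt_status` and the sample paths are hypothetical and constructed for illustration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Separate outcomes so a caller can pick err() (errno is meaningful)
 * or errx() (truncation, errno is not) when reporting the failure. */
enum fmt_status { FMT_OK = 0, FMT_ERROR = -1, FMT_TRUNCATED = -2 };

/* Hypothetical helper, not ostree code: snprintf with both checks. */
static enum fmt_status
checked_snprintf (char *buf, size_t size, const char *fmt, ...)
{
  va_list ap;
  va_start (ap, fmt);
  int n = vsnprintf (buf, size, fmt, ap);
  va_end (ap);

  if (n < 0)
    return FMT_ERROR;      /* output or encoding error */
  /* n is the length the full string needs, excluding the NUL. n == size
   * already means the last character was dropped, hence >= and not >.
   * The cast is safe because n is known to be non-negative here. */
  if ((size_t) n >= size)
    return FMT_TRUNCATED;
  return FMT_OK;
}

/* Constructed use case: join two path components into dest. */
static enum fmt_status
join_path (char *dest, size_t size, const char *root, const char *name)
{
  return checked_snprintf (dest, size, "%s/%s", root, name);
}

int
main (void)
{
  char fits[5], tight[4];   /* "/a/b" needs 4 characters plus the NUL */
  enum fmt_status a = join_path (fits, sizeof fits, "/a", "b");
  enum fmt_status b = join_path (tight, sizeof tight, "/a", "b");
  printf ("fits: status %d, \"%s\"\n", a, fits);
  printf ("tight: status %d, \"%s\" (truncated, must not be used)\n", b, tight);
  return (a == FMT_OK && b == FMT_TRUNCATED) ? 0 : 1;
}
```

A check that only tests for a negative return accepts the `tight` case and goes on to use the path `/a/` instead of `/a/b`.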

ukleinek commented Feb 6, 2026

The "Debian Testing" failure is due to a preparing step failing and isn't triggered by the changes in this PR. (fuse was removed from testing, see https://tracker.debian.org/pkg/fuse)

When the target buffer is too small to hold the resulting string, a value
larger than or equal to the buffer's size is returned. (In pre-C99
versions, snprintf returned -1 in this case, too.)

So, to ensure that no truncated paths are used, adapt the error checking
accordingly.
ukleinek commented Feb 6, 2026

I don't understand the failing continuous-integration/jenkins/pr-merge check, but I suspect it is also independent of my changes. Please tell me if I'm wrong here.

Labels

area/prepare-root Issue relates to ostree-prepare-root needs-ok-to-test
