diff options
author | Tom Hughes <tomhughes@chromium.org> | 2022-07-11 10:21:49 -0700 |
---|---|---|
committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2022-07-13 15:46:35 +0000 |
commit | c8282f61e105490ed50120ec2d6a83a1e2ec1e08 (patch) | |
tree | 73047f4ef11b26e46ef90795a1c74c3c03932394 | |
parent | cce493a388878334a65af95c4313ee051ef8a546 (diff) | |
download | chrome-ec-c8282f61e105490ed50120ec2d6a83a1e2ec1e08.tar.gz |
tree: Check return value from snprintf
snprintf returns a negative value on failure. The return value should be
checked to make sure that there were no errors.
BRANCH=none
BUG=b:238433667, b:234181908
TEST=make buildall
Signed-off-by: Tom Hughes <tomhughes@chromium.org>
Change-Id: I64e2e69df7fa22c94f19acbbca8c6afbe6cf1ff1
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/3756174
Reviewed-by: Denis Brockus <dbrockus@chromium.org>
-rw-r--r-- | board/fusb307bgevb/board.c | 29 | ||||
-rw-r--r-- | board/hammer/board.c | 4 | ||||
-rw-r--r-- | board/prism/board.c | 4 | ||||
-rw-r--r-- | chip/host/persistence.c | 14 | ||||
-rw-r--r-- | common/battery_v1.c | 7 | ||||
-rw-r--r-- | common/battery_v2.c | 5 | ||||
-rw-r--r-- | common/fan.c | 4 | ||||
-rw-r--r-- | driver/battery/max17055.c | 9 | ||||
-rw-r--r-- | include/common.h | 6 | ||||
-rw-r--r-- | include/printf.h | 7 |
10 files changed, 63 insertions, 26 deletions
diff --git a/board/fusb307bgevb/board.c b/board/fusb307bgevb/board.c index 853b38c0a3..3e8771a63b 100644 --- a/board/fusb307bgevb/board.c +++ b/board/fusb307bgevb/board.c @@ -72,10 +72,13 @@ static void button_refresh_event_deferred(void) /* Display supply voltage on first page. */ lcd_clear(); for (i = 0; i < MIN(pd_get_src_cap_cnt(0), 4); i++) { + int rv; pd_extract_pdo_power(pd_get_src_caps(0)[i], &ma, &mv, &unused); - snprintf(c, ARRAY_SIZE(c), "[%d] %dmV %dmA", i, mv, ma); - lcd_set_cursor(0, i); - lcd_print_string(c); + rv = snprintf(c, ARRAY_SIZE(c), "[%d] %dmV %dmA", i, mv, ma); + if (rv > 0) { + lcd_set_cursor(0, i); + lcd_print_string(c); + } } /* Display selector */ @@ -107,21 +110,29 @@ static void button_down_event_deferred(void) if (count == 0) { lcd_clear(); for (i = 0; i < MIN(pd_get_src_cap_cnt(0), 4); i++) { + int rv; pd_extract_pdo_power(pd_get_src_caps(0)[i], &ma, &mv, &unused); - snprintf(c, ARRAY_SIZE(c), "[%d] %dmV %dmA", i, mv, ma); - lcd_set_cursor(0, i); - lcd_print_string(c); + rv = snprintf(c, ARRAY_SIZE(c), "[%d] %dmV %dmA", i, mv, + ma); + if (rv > 0) { + lcd_set_cursor(0, i); + lcd_print_string(c); + } } } if (count == 4) { lcd_clear(); for (i = 4; i < pd_get_src_cap_cnt(0); i++) { + int rv; pd_extract_pdo_power(pd_get_src_caps(0)[i], &ma, &mv, &unused); - snprintf(c, ARRAY_SIZE(c), "[%d] %dmV %dmA", i, mv, ma); - lcd_set_cursor(0, i - 4); - lcd_print_string(c); + rv = snprintf(c, ARRAY_SIZE(c), "[%d] %dmV %dmA", i, mv, + ma); + if (rv > 0) { + lcd_set_cursor(0, i - 4); + lcd_print_string(c); + } } } diff --git a/board/hammer/board.c b/board/hammer/board.c index 12cf41e910..76a4df7eeb 100644 --- a/board/hammer/board.c +++ b/board/hammer/board.c @@ -322,7 +322,9 @@ __override const char *board_read_serial(void) int i; for (i = 0; i < idlen && pos < sizeof(str); i++, pos += 2) { - snprintf(&str[pos], sizeof(str) - pos, "%02x", id[i]); + if (snprintf(&str[pos], sizeof(str) - pos, "%02x", + id[i]) < 0) + return NULL; } } diff --git a/board/prism/board.c b/board/prism/board.c index 5a50a8c950..5ff237317f 100644 --- a/board/prism/board.c +++ b/board/prism/board.c @@ -350,7 +350,9 @@ __override const char *board_read_serial(void) int i; for (i = 0; i < idlen && pos < sizeof(str); i++, pos += 2) { - snprintf(&str[pos], sizeof(str) - pos, "%02x", id[i]); + if (snprintf(&str[pos], sizeof(str) - pos, "%02x", + id[i]) < 0) + return NULL; } } diff --git a/chip/host/persistence.c b/chip/host/persistence.c index b2ab19f97e..d23615d1ec 100644 --- a/chip/host/persistence.c +++ b/chip/host/persistence.c @@ -62,6 +62,8 @@ static void get_storage_path(char *out) sz = snprintf(out, PATH_MAX - 1, "/dev/shm/EC_persist_%.*s", max_len, buf); + ASSERT(sz > 0); + out[PATH_MAX - 1] = '\0'; ASSERT(sz <= max_len + max_prefix_len); @@ -71,6 +73,7 @@ FILE *get_persistent_storage(const char *tag, const char *mode) { char buf[PATH_MAX]; char path[PATH_MAX]; + int sz; /* There's no longer tag in use right now, and there shouldn't be. */ ASSERT(strlen(tag) < 32); @@ -80,8 +83,9 @@ FILE *get_persistent_storage(const char *tag, const char *mode) * be named 'bar_persist_foo' */ get_storage_path(buf); - snprintf(path, PATH_MAX - 1, "%.*s_%32s", max_len + max_prefix_len, buf, - tag); + sz = snprintf(path, PATH_MAX - 1, "%.*s_%32s", max_len + max_prefix_len, + buf, tag); + ASSERT(sz > 0); path[PATH_MAX - 1] = '\0'; return fopen(path, mode); @@ -96,13 +100,15 @@ void remove_persistent_storage(const char *tag) { char buf[PATH_MAX]; char path[PATH_MAX]; + int sz; /* There's no longer tag in use right now, and there shouldn't be. */ ASSERT(strlen(tag) < 32); get_storage_path(buf); - snprintf(path, PATH_MAX - 1, "%.*s_%32s", max_len + max_prefix_len, buf, - tag); + sz = snprintf(path, PATH_MAX - 1, "%.*s_%32s", max_len + max_prefix_len, + buf, tag); + ASSERT(sz > 0); path[PATH_MAX - 1] = '\0'; unlink(path); diff --git a/common/battery_v1.c b/common/battery_v1.c index d0920d30b4..b53e57df8a 100644 --- a/common/battery_v1.c +++ b/common/battery_v1.c @@ -34,8 +34,11 @@ int update_static_battery_info(void) batt_str = (char *)host_get_memmap(EC_MEMMAP_BATT_SERIAL); memset(batt_str, 0, EC_MEMMAP_TEXT_MAX); rv = battery_serial_number(&batt_serial); - if (!rv) - snprintf(batt_str, EC_MEMMAP_TEXT_MAX, "%04X", batt_serial); + if (!rv) { + if (snprintf(batt_str, EC_MEMMAP_TEXT_MAX, "%04X", + batt_serial) <= 0) + rv |= EC_ERROR_UNKNOWN; + } /* Design Capacity of Full */ rv |= battery_design_capacity( diff --git a/common/battery_v2.c b/common/battery_v2.c index 1ed7205b65..4d4a14e113 100644 --- a/common/battery_v2.c +++ b/common/battery_v2.c @@ -220,8 +220,9 @@ int update_static_battery_info(void) /* Smart battery serial number is 16 bits */ rv = battery_serial_number(&batt_serial); if (!rv) - snprintf(bs->serial_ext, sizeof(bs->serial_ext), "%04X", - batt_serial); + if (snprintf(bs->serial_ext, sizeof(bs->serial_ext), "%04X", + batt_serial) <= 0) + rv |= EC_ERROR_UNKNOWN; /* Design Capacity of Full */ ret = battery_design_capacity(&val); diff --git a/common/fan.c b/common/fan.c index ee324b5031..1dfc9e1af5 100644 --- a/common/fan.c +++ b/common/fan.c @@ -183,7 +183,9 @@ static int cc_faninfo(int argc, char **argv) char leader[20] = ""; for (fan = 0; fan < fan_count; fan++) { if (fan_count > 1) - snprintf(leader, sizeof(leader), "Fan %d ", fan); + if (snprintf(leader, sizeof(leader), "Fan %d ", fan) < + 0) + leader[0] = '\0'; if (fan) ccprintf("\n"); ccprintf("%sActual: %4d rpm\n", leader, diff --git a/driver/battery/max17055.c b/driver/battery/max17055.c index 382995d0df..88d58eb659 100644 --- a/driver/battery/max17055.c +++ b/driver/battery/max17055.c @@ -92,10 +92,13 @@ int battery_device_name(char *device_name, int buf_size) int rv; rv = max17055_read(REG_DEVICE_NAME, &dev_id); - if (!rv) - snprintf(device_name, buf_size, "0x%04x", dev_id); + if (rv != EC_SUCCESS) + return rv; - return rv; + if (snprintf(device_name, buf_size, "0x%04x", dev_id) <= 0) + return EC_ERROR_UNKNOWN; + + return EC_SUCCESS; } int battery_state_of_charge_abs(int *percent) diff --git a/include/common.h b/include/common.h index 74c229261c..7a549a6d55 100644 --- a/include/common.h +++ b/include/common.h @@ -187,6 +187,12 @@ #define __overridable __attribute__((weak)) /* + * Attribute that will generate a compiler warning if the return value is not + * used. + */ +#define __warn_unused_result __attribute__((warn_unused_result)) + +/* * Macros for combining bytes into larger integers. _LE and _BE signify little * and big endian versions respectively. */ diff --git a/include/printf.h b/include/printf.h index 333e622b7b..370675ca46 100644 --- a/include/printf.h +++ b/include/printf.h @@ -99,7 +99,8 @@ __stdlib_compat int vfnprintf(int (*addchar)(void *context, int c), * @param format Format string * @return EC_SUCCESS, or EC_ERROR_OVERFLOW if the output was truncated. */ -__attribute__((__format__(__printf__, 3, 4))) __stdlib_compat int +__attribute__((__format__(__printf__, 3, 4))) +__warn_unused_result __stdlib_compat int crec_snprintf(char *str, size_t size, const char *format, ...); /** @@ -114,8 +115,8 @@ crec_snprintf(char *str, size_t size, const char *format, ...); * @return The string length written to str, or a negative value on error. * The negative values can be -EC_ERROR_INVAL or -EC_ERROR_OVERFLOW. */ -__stdlib_compat int crec_vsnprintf(char *str, size_t size, const char *format, - va_list args); +__warn_unused_result __stdlib_compat int +crec_vsnprintf(char *str, size_t size, const char *format, va_list args); #endif /* !HIDE_EC_STDLIB */ |