From: Christian Hopps <chopps@labn.net>
Date: Tue, 6 Jun 2023 19:12:58 +0000 (-0400)
Subject: mgmtd: assert an assertion for coverity
X-Git-Tag: base_9.1~395^2
X-Git-Url: https://git.puffer.fish/?a=commitdiff_plain;h=565139a6d5c2541e7b740a4a972dd7c18a87a984;p=matthieu%2Ffrr.git

mgmtd: assert an assertion for coverity

I believe coverity can't tell the length of the return value from strftime based
on the format string (like we can), so it allows `n` to be larger than it could
be which then allows `sz - n` to be negative which is size_t positive and very
large so it thinks an overrun is possible.

CID#1563211

Signed-off-by: Christian Hopps <chopps@labn.net>
---

diff --git a/mgmtd/mgmt_history.h b/mgmtd/mgmt_history.h
index d3f7958952..5d9b662694 100644
--- a/mgmtd/mgmt_history.h
+++ b/mgmtd/mgmt_history.h
@@ -74,9 +74,11 @@ mgmt_time_to_string(struct timespec *tv, bool long_fmt, char *buffer, size_t sz)
 
 	if (long_fmt) {
 		n = strftime(buffer, sz, MGMT_LONG_TIME_FMT, &tm);
+		assert(n < sz);
 		snprintf(&buffer[n], sz - n, ",%09lu", tv->tv_nsec);
 	} else {
 		n = strftime(buffer, sz, MGMT_SHORT_TIME_FMT, &tm);
+		assert(n < sz);
 		snprintf(&buffer[n], sz - n, "%09lu", tv->tv_nsec);
 	}