From 34875547367d1472905a22c9f37537454fe3eaa4 Mon Sep 17 00:00:00 2001
From: Peter Krempa <pkrempa@redhat.com>
Date: Tue, 23 Feb 2021 15:38:02 +0100
Subject: [PATCH] util: virerror: Don't use stack'd buffers in error report
 helpers
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This was (probably) a relict from times when we cared about OOM
conditions and the possibility to report the error. Nowadays it doesn't
make sense as virRaiseErrorFull will do an allocated copy of the strings
and also concatenate the error message prefix with the detail which
doesn't guarantee that the result will be less than 1024 chars.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
---
 src/util/virerror.c | 47 +++++++++++++++++++--------------------------
 1 file changed, 20 insertions(+), 27 deletions(-)

diff --git a/src/util/virerror.c b/src/util/virerror.c
index a503cdefdc..b9a49ec70c 100644
--- a/src/util/virerror.c
+++ b/src/util/virerror.c
@@ -28,6 +28,7 @@
 #include "virlog.h"
 #include "virthread.h"
 #include "virstring.h"
+#include "virbuffer.h"
 
 #define LIBVIRT_VIRERRORPRIV_H_ALLOW
 #include "virerrorpriv.h"
@@ -1285,23 +1286,23 @@ void virReportErrorHelper(int domcode,
                           const char *fmt, ...)
 {
     int save_errno = errno;
-    va_list args;
-    char errorMessage[VIR_ERROR_MAX_LENGTH];
-    const char *virerr;
+    g_autofree char *detail = NULL;
+    const char *errormsg;
 
     if (fmt) {
+        va_list args;
+
         va_start(args, fmt);
-        g_vsnprintf(errorMessage, sizeof(errorMessage)-1, fmt, args);
+        detail = g_strdup_vprintf(fmt, args);
         va_end(args);
-    } else {
-        errorMessage[0] = '\0';
     }
 
-    virerr = virErrorMsg(errorcode, (errorMessage[0] ? errorMessage : NULL));
+    errormsg = virErrorMsg(errorcode, detail);
+
     virRaiseErrorFull(filename, funcname, linenr,
                       domcode, errorcode, VIR_ERR_ERROR,
-                      virerr, errorMessage, NULL,
-                      -1, -1, virerr, errorMessage);
+                      errormsg, detail, NULL,
+                      -1, -1, errormsg, detail);
     errno = save_errno;
 }
 
@@ -1325,36 +1326,28 @@ void virReportSystemErrorFull(int domcode,
                               const char *fmt, ...)
 {
     int save_errno = errno;
-    char msgDetailBuf[VIR_ERROR_MAX_LENGTH];
-
-    const char *errnoDetail = g_strerror(theerrno);
-    const char *msg = virErrorMsg(VIR_ERR_SYSTEM_ERROR, fmt);
-    const char *msgDetail = NULL;
+    virBuffer buf = VIR_BUFFER_INITIALIZER;
+    g_autofree char *detail = NULL;
+    const char *errormsg;
 
     if (fmt) {
         va_list args;
-        size_t len;
-        int n;
 
         va_start(args, fmt);
-        n = g_vsnprintf(msgDetailBuf, sizeof(msgDetailBuf), fmt, args);
+        virBufferVasprintf(&buf, fmt, args);
         va_end(args);
 
-        len = strlen(errnoDetail);
-        if (0 <= n && n + 2 + len < sizeof(msgDetailBuf)) {
-          strcpy(msgDetailBuf + n, ": ");
-          n += 2;
-          strcpy(msgDetailBuf + n, errnoDetail);
-          msgDetail = msgDetailBuf;
-        }
+        virBufferAddLit(&buf, ": ");
     }
 
-    if (!msgDetail)
-        msgDetail = errnoDetail;
+    virBufferAdd(&buf, g_strerror(theerrno), -1);
+
+    detail = virBufferContentAndReset(&buf);
+    errormsg = virErrorMsg(VIR_ERR_SYSTEM_ERROR, detail);
 
     virRaiseErrorFull(filename, funcname, linenr,
                       domcode, VIR_ERR_SYSTEM_ERROR, VIR_ERR_ERROR,
-                      msg, msgDetail, NULL, theerrno, -1, msg, msgDetail);
+                      errormsg, detail, NULL, theerrno, -1, errormsg, detail);
     errno = save_errno;
 }