From: Filipe David Borba Manana <fdmanana@gmail.com>
Date: Tue, 21 Jan 2014 23:36:38 +0000 (+0000)
Subject: Btrfs: fix snprintf usage by send's gen_unique_name
X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=f74b86d85533a98ef7f573487af38f9dd514becb;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git

Btrfs: fix snprintf usage by send's gen_unique_name

The buffer size argument passed to snprintf must account for the
trailing null byte added by snprintf, and it returns a value >= then
sizeof(buffer) when the string can't fit in the buffer.

Since our buffer has a size of 64 characters, and the maximum orphan
name we can generate is 63 characters wide, we must pass 64 as the
buffer size to snprintf, and not 63.

Signed-off-by: Filipe David Borba Manana <fdmanana@gmail.com>
Reviewed-by: David Sterba <dsterba@suse.cz>
Signed-off-by: Josef Bacik <jbacik@fb.com>
Signed-off-by: Chris Mason <clm@fb.com>
---

diff --git a/fs/btrfs/send.c b/fs/btrfs/send.c
index aa60cbe7066c..fc1f0abb8fe4 100644
--- a/fs/btrfs/send.c
+++ b/fs/btrfs/send.c
@@ -1336,7 +1336,7 @@ static int gen_unique_name(struct send_ctx *sctx,
 		return -ENOMEM;
 
 	while (1) {
-		len = snprintf(tmp, sizeof(tmp) - 1, "o%llu-%llu-%llu",
+		len = snprintf(tmp, sizeof(tmp), "o%llu-%llu-%llu",
 				ino, gen, idx);
 		if (len >= sizeof(tmp)) {
 			/* should really not happen */