nbd: Avoid off-by-one in long export name truncation

When snprintf returns the same value as the buffer size, the final byte was truncated to ensure a NUL terminator. Fortunately, such long export names are unusual enough, with no real impact other than what is displayed to the user. Fixes: 5c86bdf12089 Reported-by: Max Reitz <mreitz@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com> Message-Id: <20200622210355.414941-1-eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> (cherry picked from commit 00d69986da83a74f6f5731c80f8dd09fde95d19a) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
author: Eric Blake <eblake@redhat.com> 2020-06-22 16:03:55 -0500
committer: Michael Roth <mdroth@linux.vnet.ibm.com> 2020-09-02 19:06:19 -0500
commit: 9380cb9de20b1554162eea9eb0e80209464ace50 (patch)
tree: 9a906d77c587af1021b211f0c8f2915b528036b3
parent: b3e49baa79908d7e1c35df3814435dda72d85267 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/block/nbd.c b/block/nbd.c
index bfc0be6af6..bf3fbebfa0 100644
--- a/block/nbd.c
+++ b/block/nbd.c
@@ -2011,7 +2011,7 @@ static void nbd_refresh_filename(BlockDriverState *bs)
         len = snprintf(bs->exact_filename, sizeof(bs->exact_filename),
                        "nbd://%s:%s", host, port);
     }
-    if (len > sizeof(bs->exact_filename)) {
+    if (len >= sizeof(bs->exact_filename)) {
         /* Name is too long to represent exactly, so leave it empty. */
         bs->exact_filename[0] = '\0';
     }
author	Eric Blake <eblake@redhat.com>	2020-06-22 16:03:55 -0500
committer	Michael Roth <mdroth@linux.vnet.ibm.com>	2020-09-02 19:06:19 -0500
commit	9380cb9de20b1554162eea9eb0e80209464ace50 (patch)
tree	9a906d77c587af1021b211f0c8f2915b528036b3
parent	b3e49baa79908d7e1c35df3814435dda72d85267 (diff)