FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Cluster Development

 
 
LinkBack Thread Tools
 
Old 10-25-2011, 12:09 PM
"Fabio M. Di Nitto"
 
Default config: fix extremely unlikely buffer overflow

Spotted by Coverity Scan

Signed-off-by: Fabio M. Di Nitto <fdinitto@redhat.com>
---
:100644 100644 541fed7... 12c5320... M config/libs/libccsconfdb/extras.c
config/libs/libccsconfdb/extras.c | 23 +++++++++++++----------
1 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/config/libs/libccsconfdb/extras.c b/config/libs/libccsconfdb/extras.c
index 541fed7..12c5320 100644
--- a/config/libs/libccsconfdb/extras.c
+++ b/config/libs/libccsconfdb/extras.c
@@ -227,7 +227,7 @@ static int priority_id_get(char *name)
}

/* requires string buffer to be PATH_MAX */
-static void read_string(int fd, const char *path, char *string)
+static void read_string(int fd, const char *path, char *string, size_t string_s)
{
char *str;
int error;
@@ -238,7 +238,7 @@ static void read_string(int fd, const char *path, char *string)
if (error || !str)
return;

- strcpy(string, str);
+ strncpy(string, str, string_s - 1);

free(str);
}
@@ -345,7 +345,8 @@ void ccs_read_logging(int fd, const char *name, int *debug, int *mode,
*/
create_daemon_path(name, "syslog_facility", path);

- read_string(fd, "/cluster/logging/@syslog_facility", string);
+ read_string(fd, "/cluster/logging/@syslog_facility",
+ string, sizeof(string));

if (string[0]) {
val = facility_id_get(string);
@@ -353,7 +354,7 @@ void ccs_read_logging(int fd, const char *name, int *debug, int *mode,
*syslog_facility = val;
}

- read_string(fd, path, string);
+ read_string(fd, path, string, sizeof(string));

if (string[0]) {
val = facility_id_get(string);
@@ -366,7 +367,8 @@ void ccs_read_logging(int fd, const char *name, int *debug, int *mode,
*/
create_daemon_path(name, "syslog_priority", path);

- read_string(fd, "/cluster/logging/@syslog_priority", string);
+ read_string(fd, "/cluster/logging/@syslog_priority",
+ string, sizeof(string));

if (string[0]) {
val = priority_id_get(string);
@@ -374,7 +376,7 @@ void ccs_read_logging(int fd, const char *name, int *debug, int *mode,
*syslog_priority = val;
}

- read_string(fd, path, string);
+ read_string(fd, path, string, sizeof(string));

if (string[0]) {
val = priority_id_get(string);
@@ -387,12 +389,12 @@ void ccs_read_logging(int fd, const char *name, int *debug, int *mode,
*/
create_daemon_path(name, "logfile", path);

- read_string(fd, "/cluster/logging/@logfile", string);
+ read_string(fd, "/cluster/logging/@logfile", string, sizeof(string));

if (string[0])
strcpy(logfile, string);

- read_string(fd, path, string);
+ read_string(fd, path, string, sizeof(string));

if (string[0])
strcpy(logfile, string);
@@ -432,7 +434,8 @@ void ccs_read_logging(int fd, const char *name, int *debug, int *mode,
*/
create_daemon_path(name, "logfile_priority", path);

- read_string(fd, "/cluster/logging/@logfile_priority", string);
+ read_string(fd, "/cluster/logging/@logfile_priority",
+ string, sizeof(string));

if (string[0]) {
val = priority_id_get(string);
@@ -440,7 +443,7 @@ void ccs_read_logging(int fd, const char *name, int *debug, int *mode,
*logfile_priority = val;
}

- read_string(fd, path, string);
+ read_string(fd, path, string, sizeof(string));

if (string[0]) {
val = priority_id_get(string);
--
1.7.4.4
 

Thread Tools




All times are GMT. The time now is 12:18 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org