FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Cluster Development

 
 
LinkBack Thread Tools
 
Old 10-11-2012, 02:21 PM
Jan Pokorný
 
Default libcman: fix possible string nontermination: node name

Haven't tested it, but it seems that if node.cn_name has 254 non-null
bytes (should be otherwise perfectly valid, actual characters number
may vary due to utf-8), it will pester later in the processing due
to not being null-terminated (depends whether 255th byte being
accidentally zero), strcmp in find_node_by_name being the first
troublesome place in row.

After this change and taking preceding condition into account,
the situation should be safe.

Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
---
cman/lib/libcman.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cman/lib/libcman.c b/cman/lib/libcman.c
index 6ed8ecb..012047d 100644
--- a/cman/lib/libcman.c
+++ b/cman/lib/libcman.c
@@ -685,7 +685,7 @@ int cman_get_node(cman_handle_t handle, int nodeid, cman_node_t *node)
}

cman_node.node_id = nodeid;
- strncpy(cman_node.name, node->cn_name, sizeof(cman_node.name) - 1);
+ strncpy(cman_node.name, node->cn_name, sizeof(cman_node.name));
status = info_call(h, CMAN_CMD_GETNODE, &cman_node, sizeof(struct cl_cluster_node),
&cman_node, sizeof(struct cl_cluster_node));
if (status < 0)
--
1.7.11.4
 

Thread Tools




All times are GMT. The time now is 09:30 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org