From: Oren Laadan <orenl-RdfvBDnrOixBDgjK7y7TUQ@public.gmane.org>
To: Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org
Subject: Re: [PATCH 2/2] File name length limit off by sizeof(struct ckpt_hdr)
Date: Fri, 23 Oct 2009 20:29:13 -0400 [thread overview]
Message-ID: <4AE24A59.8020801@librato.com> (raw)
In-Reply-To: <633d58fa4318bd9ae8d9955cfa70d246184c38a5.1256320668.git.matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
Matt Helsley wrote:
> Unlike the length passed into ckpt_write_obj_type, the maximum length passed
> to ckpt_read_buf_type must include the length of the struct ckpt_hdr.
IMHO, the right way to fix this is to change ckpt_read_obj_type().
This will preserve symmetry between checkpoint and restart, and also
fix a similar problem in kernel/groups.c (MAX_GROUPINFO_SIZE).
No need to resend - I'll fix already.
Oren.
>
> Signed-off-by: Matt Helsley <matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
> ---
> checkpoint/files.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/checkpoint/files.c b/checkpoint/files.c
> index 0564666..562c338 100644
> --- a/checkpoint/files.c
> +++ b/checkpoint/files.c
> @@ -449,7 +449,7 @@ struct file *restore_open_fname(struct ckpt_ctx *ctx, int flags)
> if (flags & (O_CREAT | O_EXCL | O_NOCTTY | O_TRUNC))
> return ERR_PTR(-EINVAL);
>
> - h = ckpt_read_buf_type(ctx, PATH_MAX, CKPT_HDR_FILE_NAME);
> + h = ckpt_read_buf_type(ctx, PATH_MAX + sizeof(*h), CKPT_HDR_FILE_NAME);
> if (IS_ERR(h))
> return (struct file *) h;
> len = h->len - sizeof(*h);
next prev parent reply other threads:[~2009-10-24 0:29 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-10-23 17:58 [PATCH 1/2] Ensure nul-termination of file names read from checkpoint images Matt Helsley
[not found] ` <bb799d3c1e3e27d60dac114992c3e310fe14a9e6.1256320668.git.matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-10-23 17:58 ` [PATCH 2/2] File name length limit off by sizeof(struct ckpt_hdr) Matt Helsley
[not found] ` <633d58fa4318bd9ae8d9955cfa70d246184c38a5.1256320668.git.matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-10-24 0:29 ` Oren Laadan [this message]
[not found] ` <4AE24A59.8020801-RdfvBDnrOixBDgjK7y7TUQ@public.gmane.org>
2009-10-24 2:02 ` Matt Helsley
2009-10-27 6:04 ` Serge E. Hallyn
[not found] ` <20091027060413.GA27733-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2009-10-27 13:02 ` Oren Laadan
2009-10-24 0:23 ` [PATCH 1/2] Ensure nul-termination of file names read from checkpoint images Oren Laadan
[not found] ` <4AE248FC.5000401-RdfvBDnrOixBDgjK7y7TUQ@public.gmane.org>
2009-10-24 0:29 ` Oren Laadan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4AE24A59.8020801@librato.com \
--to=orenl-rdfvbdnroixbdgjk7y7tuq@public.gmane.org \
--cc=containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org \
--cc=matthltc-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox