From: Ken Raeburn <raeburn@permabit.com>
To: fio@vger.kernel.org
Subject: [PATCH] Fix crash with absurdly but not impossibly deeply nested device stacks.
Date: Mon, 28 Jan 2013 20:48:21 -0500 [thread overview]
Message-ID: <6ea9rsrc7u.fsf@just-testing.permabit.com> (raw)
In-Reply-To: <6eham0rdc3.fsf@just-testing.permabit.com> (Ken Raeburn's message of "Mon, 28 Jan 2013 20:24:12 -0500")
diskutil.c: Check for overflow in disk_util.path.
diskutil.h: Expand disk_util.path to PATH_MAX.
---
diskutil.c | 8 +++++++-
diskutil.h | 2 +-
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/diskutil.c b/diskutil.c
index fbc4268..22dc58f 100644
--- a/diskutil.c
+++ b/diskutil.c
@@ -276,13 +276,19 @@ static struct disk_util *disk_util_add(struct thread_data *td, int majdev,
{
struct disk_util *du, *__du;
struct flist_head *entry;
+ int l;
dprint(FD_DISKUTIL, "add maj/min %d/%d: %s\n", majdev, mindev, path);
du = smalloc(sizeof(*du));
memset(du, 0, sizeof(*du));
INIT_FLIST_HEAD(&du->list);
- sprintf(du->path, "%s/stat", path);
+ l = snprintf(du->path, sizeof(du->path), "%s/stat", path);
+ if (l < 0 || l >= sizeof(du->path)) {
+ log_err("constructed path \"%.100s[...]/stat\" larger than buffer (%zu bytes)\n",
+ path, sizeof(du->path) - 1);
+ exit(1);
+ }
strncpy((char *) du->dus.name, basename(path), FIO_DU_NAME_SZ);
du->sysfs_root = path;
du->major = majdev;
diff --git a/diskutil.h b/diskutil.h
index b89aacc..ddd6471 100644
--- a/diskutil.h
+++ b/diskutil.h
@@ -42,7 +42,7 @@ struct disk_util {
char *name;
char *sysfs_root;
- char path[256];
+ char path[PATH_MAX];
int major, minor;
struct disk_util_stat dus;
--
1.7.9.5
next prev parent reply other threads:[~2013-01-29 1:48 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-01-29 1:24 path name lengths Ken Raeburn
2013-01-29 1:48 ` Ken Raeburn [this message]
2013-01-29 9:17 ` [PATCH] Fix crash with absurdly but not impossibly deeply nested device stacks Jens Axboe
2013-01-29 9:19 ` Jens Axboe
2013-01-29 21:06 ` Ken Raeburn
2013-01-29 21:15 ` Jens Axboe
2013-01-29 22:09 ` Ken Raeburn
2013-01-30 11:58 ` Jens Axboe
2013-01-30 21:25 ` [PATCH] Fix bugs in [v]snprintf usage Ken Raeburn
2013-01-30 21:48 ` Jens Axboe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6ea9rsrc7u.fsf@just-testing.permabit.com \
--to=raeburn@permabit.com \
--cc=fio@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox