* [PATCH] xfstests: fix buffer overflow in lstat64.c
@ 2008-11-03 22:26 Eric Sandeen
2008-11-12 9:57 ` Christoph Hellwig
0 siblings, 1 reply; 3+ messages in thread
From: Eric Sandeen @ 2008-11-03 22:26 UTC (permalink / raw)
To: xfs mailing list
lstat64.c was putting an 11-byte string into a 10-byte buffer.
Signed-off-by: Eric Sandeen <sandeen@sandeen.net>
---
Index: xfs-cmds/xfstests/src/lstat64.c
===================================================================
--- xfs-cmds.orig/xfstests/src/lstat64.c
+++ xfs-cmds/xfstests/src/lstat64.c
@@ -57,7 +57,7 @@ int
main(int argc, char **argv)
{
struct stat64 sbuf;
- char mode[10];
+ char mode[11];
int i, c;
int terse_flag = 0;
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] xfstests: fix buffer overflow in lstat64.c
2008-11-03 22:26 [PATCH] xfstests: fix buffer overflow in lstat64.c Eric Sandeen
@ 2008-11-12 9:57 ` Christoph Hellwig
2008-11-12 13:34 ` Eric Sandeen
0 siblings, 1 reply; 3+ messages in thread
From: Christoph Hellwig @ 2008-11-12 9:57 UTC (permalink / raw)
To: Eric Sandeen; +Cc: xfs mailing list
On Mon, Nov 03, 2008 at 04:26:07PM -0600, Eric Sandeen wrote:
> lstat64.c was putting an 11-byte string into a 10-byte buffer.
What about somthing like this instead?
Index: xfs-cmds/xfstests/src/lstat64.c
===================================================================
--- xfs-cmds.orig/xfstests/src/lstat64.c 2008-11-12 10:55:16.000000000 +0100
+++ xfs-cmds/xfstests/src/lstat64.c 2008-11-12 10:55:50.000000000 +0100
@@ -57,7 +57,6 @@ int
main(int argc, char **argv)
{
struct stat64 sbuf;
- char mode[10];
int i, c;
int terse_flag = 0;
@@ -78,6 +77,7 @@ main(int argc, char **argv)
time(&timebuf);
for (i = optind; i < argc; i++) {
+ char *mode = "----------";
if( lstat64(argv[i], &sbuf) < 0) {
perror(argv[i]);
@@ -92,7 +92,6 @@ main(int argc, char **argv)
printf(" Size: %-10llu", (unsigned long long)sbuf.st_size);
}
- strcpy(mode,"----------");
if (sbuf.st_mode & (S_IEXEC>>6))
mode[9] = 'x';
if (sbuf.st_mode & (S_IWRITE>>6))
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] xfstests: fix buffer overflow in lstat64.c
2008-11-12 9:57 ` Christoph Hellwig
@ 2008-11-12 13:34 ` Eric Sandeen
0 siblings, 0 replies; 3+ messages in thread
From: Eric Sandeen @ 2008-11-12 13:34 UTC (permalink / raw)
To: Christoph Hellwig; +Cc: xfs mailing list
Christoph Hellwig wrote:
> On Mon, Nov 03, 2008 at 04:26:07PM -0600, Eric Sandeen wrote:
>> lstat64.c was putting an 11-byte string into a 10-byte buffer.
>
> What about somthing like this instead?
That's too easy! :)
Sure, that makes good sense.
-Eric
>
> Index: xfs-cmds/xfstests/src/lstat64.c
> ===================================================================
> --- xfs-cmds.orig/xfstests/src/lstat64.c 2008-11-12 10:55:16.000000000 +0100
> +++ xfs-cmds/xfstests/src/lstat64.c 2008-11-12 10:55:50.000000000 +0100
> @@ -57,7 +57,6 @@ int
> main(int argc, char **argv)
> {
> struct stat64 sbuf;
> - char mode[10];
> int i, c;
> int terse_flag = 0;
>
> @@ -78,6 +77,7 @@ main(int argc, char **argv)
> time(&timebuf);
>
> for (i = optind; i < argc; i++) {
> + char *mode = "----------";
>
> if( lstat64(argv[i], &sbuf) < 0) {
> perror(argv[i]);
> @@ -92,7 +92,6 @@ main(int argc, char **argv)
> printf(" Size: %-10llu", (unsigned long long)sbuf.st_size);
> }
>
> - strcpy(mode,"----------");
> if (sbuf.st_mode & (S_IEXEC>>6))
> mode[9] = 'x';
> if (sbuf.st_mode & (S_IWRITE>>6))
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2008-11-12 13:34 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-11-03 22:26 [PATCH] xfstests: fix buffer overflow in lstat64.c Eric Sandeen
2008-11-12 9:57 ` Christoph Hellwig
2008-11-12 13:34 ` Eric Sandeen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox