Re: [PATCH 4/4] multipath: Fix a potential buffer overflow

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 06/13/17 13:18, Martin Wilck wrote:
> On Tue, 2017-06-13 at 12:53 -0700, Bart Van Assche wrote:
>> On 06/13/17 12:29, Martin Wilck wrote:
>>> how about this simpler patch, as prflag is actually a boolean?
>>>
>>> diff --git a/multipathd/cli_handlers.c b/multipathd/cli_handlers.c
>>> index 04c73866..c31ebd34 100644
>>> --- a/multipathd/cli_handlers.c
>>> +++ b/multipathd/cli_handlers.c
>>> @@ -1337,7 +1337,7 @@ cli_getprstatus (void * v, char ** reply, int
>>> * len, void * data)
>>>         memset(*reply,0,2);
>>>  
>>>  
>>> -       sprintf(*reply,"%d",mpp->prflag);
>>> +       sprintf(*reply, "%d", !!mpp->prflag);
>>>         (*reply)[1]='\0';
>>
>> Hello Martin,
>>
>> Every sprintf() call requires careful analysis to see whether or not
>> it
>> triggers a buffer overflow. I really would like to get rid of that
>> sprintf() call.
> 
> Then we could write
> 
> 	snprintf(*reply, 2, "%d", !!mpp->prflag);
>   
> without needing _GNU_SOURCE.

Hello Martin,

There are already three other multipath-tools source files that #define
_GNU_SOURCE so I don't see what's wrong with using _GNU_SOURCE.

Bart.

--
dm-devel mailing list
dm-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/dm-devel



[Index of Archives]     [DM Crypt]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite Discussion]     [KDE Users]     [Fedora Docs]

  Powered by Linux