Lawrence Livermore National Labs recently ran the source code analysis tool Coverity over the e2fsprogs-1.39 source to see if it would identify any significant bugs. The analysis turned up 38 mostly minor issues which are enumerated here with patches. We went through and resolved these issues but would love to see these mostly minor changes reviewed and commited upstream. Thanks, Brian Behlendorf <behlendorf1@xxxxxxxx>, and Herb Wartens <wartens2@xxxxxxxx> ----------------------------------------------------------------------------- Coverity ID: 13: Overrun Static Add an extra byte to EXT2_NAME_LEN in the static allocation for the required trailing NULL. This allows filenames up to the maximum length of EXT2_NAME_LEN withover an overrun. Index: e2fsprogs+chaos/debugfs/htree.c =================================================================== --- e2fsprogs+chaos.orig/debugfs/htree.c +++ e2fsprogs+chaos/debugfs/htree.c @@ -35,7 +35,7 @@ static void htree_dump_leaf_node(ext2_fi struct ext2_dir_entry *dirent; int thislen, col = 0; unsigned int offset = 0; - char name[EXT2_NAME_LEN]; + char name[EXT2_NAME_LEN + 1]; char tmp[EXT2_NAME_LEN + 16]; blk_t pblk; ext2_dirhash_t hash; @@ -63,7 +63,7 @@ static void htree_dump_leaf_node(ext2_fi fprintf(pager, "Corrupted directory block (%u)!\n", blk); break; } - thislen = ((dirent->name_len & 0xFF) < EXT2_NAME_LEN) ? + thislen = ((dirent->name_len & 0xFF) <= EXT2_NAME_LEN) ? (dirent->name_len & 0xFF) : EXT2_NAME_LEN; strncpy(name, dirent->name, thislen); name[thislen] = '\0'; - To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
