On 11/26/24 6:32 PM, Benjamin Coddington wrote:
Commit 9f7a91b51ffc ("libnsm: safer atomic filenames") messed up the length
arguement to snprintf() in nsm_make_temp_pathname such that the length is
longer than the computed string. When compiled with "-O
-D_FORTIFY_SOURCE=3", __snprintf_chk will fail and abort statd.
The fix is to correct the original size calculation, then pull one from the
snprintf length for the final "/".
Fixes: 9f7a91b51ffc ("libnsm: safer atomic filenames")
Signed-off-by: Benjamin Coddington <bcodding@xxxxxxxxxx>
Committed...
steved.
---
support/nsm/file.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/support/nsm/file.c b/support/nsm/file.c
index e0804136ccbe..6663cac3fb0c 100644
--- a/support/nsm/file.c
+++ b/support/nsm/file.c
@@ -187,7 +187,7 @@ nsm_make_temp_pathname(const char *pathname)
char *path, *base;
int len;
- size = strlen(pathname) + sizeof(".new") + 3;
+ size = strlen(pathname) + sizeof(".new") + 1;
if (size > PATH_MAX)
return NULL;
@@ -199,7 +199,7 @@ nsm_make_temp_pathname(const char *pathname)
strcpy(path, pathname);
len = base - pathname;
- len += snprintf(path + len + 1, size-len, ".%s.new", base+1);
+ len += snprintf(path + len + 1, size - len - 1, ".%s.new", base+1);
if (error_check(len, size)) {
free(path);
return NULL;
base-commit: eb5abb5c60ab60f3c2f22518d513ed187f39bd9b
