Re: [PATCH] fsck: use xasprintf to avoid buffer overruns with an insane fs type

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Feb 16, 2018 at 11:55:05AM -0400, Peter Cordes wrote:
> On Thu, Feb 15, 2018 at 03:05:08PM -0500, Theodore Ts'o wrote:
> > This prevents a crash when running the command:
> > 
> > fsck -t AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA /dev/sda
> > 
> > Reported-by: Hornseth_Brenan@xxxxxxx
> > Signed-off-by: Theodore Ts'o <tytso@xxxxxxx>
> > ---
> >  disk-utils/fsck.c | 15 +++++++++------
> >  1 file changed, 9 insertions(+), 6 deletions(-)
> > 
> > diff --git a/disk-utils/fsck.c b/disk-utils/fsck.c
> > index 58fd8ac59..8a07bc272 100644
> > --- a/disk-utils/fsck.c
> > +++ b/disk-utils/fsck.c
> > @@ -544,20 +544,20 @@ static char *find_fsck(const char *type)
> >  {
> >  	char *s;
> >  	const char *tpl;
> > -	static char prog[256];
> > +	static char *prog = NULL;
> 
>  You're allocating / freeing every time it's used, so it shouldn't be
> static anymore.

Ah, I miss the "static". Thanks.

> It might be easier to just use snprintf to truncate long strings,
> instead of introducing dynamic allocation which requires explicit
> freeing.  OTOH xasprintf makes it re-entrant / thread-safe, at the
> cost of forcing the caller to care about memory management.  (And at
> the cost of efficiency: prog is allocated / freed inside the loop.)

Well, I don't think dynamic allocation so big issue in this case, but
I'll try to improve it on Monday to make the code more elegant.

Maybe all we need is to check -t argument and reject non-senses
already in main() ;-)

    Karel

-- 
 Karel Zak  <kzak@xxxxxxxxxx>
 http://karelzak.blogspot.com
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux