[sheepdog] [PATCH] sheep: fix improper strncmp usage in fill_vdi_info_range()
Liu Yuan
namei.unix at gmail.com
Wed Dec 4 04:04:46 CET 2013
On Wed, Dec 04, 2013 at 11:53:57AM +0900, Ryusuke Konishi wrote:
> The following usage of strncmp in fill_vdi_info_range function is a
> misuse. It is inefficient and also unsafe because it can overrun if
> inode->name is not terminated with a null byte due to malformed inode
> object:
>
> strncmp(inode->name, name, strlen(inode->name))
>
> This fixes the issue by replacing the size argument
> "strlen(inode->name)" with "sizeof(inode->name)".
>
> Signed-off-by: Ryusuke Konishi <konishi.ryusuke at lab.ntt.co.jp>
> ---
> sheep/vdi.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/sheep/vdi.c b/sheep/vdi.c
> index 60bc52d..c8751ed 100644
> --- a/sheep/vdi.c
> +++ b/sheep/vdi.c
> @@ -561,7 +561,7 @@ static int fill_vdi_info_range(uint32_t left, uint32_t right,
> continue;
> }
>
> - if (!strncmp(inode->name, name, strlen(inode->name))) {
> + if (!strncmp(inode->name, name, sizeof(inode->name))) {
> sd_debug("%s = %s, %u = %u", iocb->tag, inode->tag,
> iocb->snapid, inode->snap_id);
> if (vdi_has_tag(iocb)) {
Applied thanks
Yuan
More information about the sheepdog
mailing list