[sheepdog] [PATCH] sheep: fix improper strncmp usage in fill_vdi_info_range()
Ryusuke Konishi
konishi.ryusuke at lab.ntt.co.jp
Wed Dec 4 03:53:57 CET 2013
The following usage of strncmp in fill_vdi_info_range function is a
misuse. It is inefficient and also unsafe because it can overrun if
inode->name is not terminated with a null byte due to malformed inode
object:
strncmp(inode->name, name, strlen(inode->name))
This fixes the issue by replacing the size argument
"strlen(inode->name)" with "sizeof(inode->name)".
Signed-off-by: Ryusuke Konishi <konishi.ryusuke at lab.ntt.co.jp>
---
sheep/vdi.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sheep/vdi.c b/sheep/vdi.c
index 60bc52d..c8751ed 100644
--- a/sheep/vdi.c
+++ b/sheep/vdi.c
@@ -561,7 +561,7 @@ static int fill_vdi_info_range(uint32_t left, uint32_t right,
continue;
}
- if (!strncmp(inode->name, name, strlen(inode->name))) {
+ if (!strncmp(inode->name, name, sizeof(inode->name))) {
sd_debug("%s = %s, %u = %u", iocb->tag, inode->tag,
iocb->snapid, inode->snap_id);
if (vdi_has_tag(iocb)) {
--
1.7.9.3
More information about the sheepdog
mailing list