| Message ID | 1440689898-35178-2-git-send-email-bhlee.kernel@gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
On Fri, Aug 28, 2015 at 12:38:16AM +0900, Byongho Lee wrote: > In btrfs-convert main(), strdup() allocates memory to fslabel but that > memory is not freed. We could fix it by adding free() calls to every > return point, but that would make the code messy because there are > several return paths. > So I fix it by changing the code using strdup() with local array and > strncpy(). > > And btrfs-convert main() guarantees that string length of fslabel is not > to exceed 'BTRFS_LABEL_SIZE', so it's enough to use strcpy() instead of > strncpy() to copy fslabel in do_convert(). > > Signed-off-by: Byongho Lee <bhlee.kernel@gmail.com> Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/btrfs-convert.c b/btrfs-convert.c index 917bbc1b74d2..25ae424ea73b 100644 --- a/btrfs-convert.c +++ b/btrfs-convert.c @@ -2428,7 +2428,7 @@ static int do_convert(const char *devname, int datacsum, int packing, int noxatt fprintf(stderr, "copy label '%s'\n", root->fs_info->super_copy->label); } else if (copylabel == -1) { - strncpy(root->fs_info->super_copy->label, fslabel, BTRFS_LABEL_SIZE); + strcpy(root->fs_info->super_copy->label, fslabel); fprintf(stderr, "set label to '%s'\n", fslabel); } @@ -2868,7 +2868,7 @@ int main(int argc, char *argv[]) int usage_error = 0; int progress = 1; char *file; - char *fslabel = NULL; + char fslabel[BTRFS_LABEL_SIZE+1]; u64 features = BTRFS_MKFS_DEFAULT_FEATURES; while(1) { @@ -2910,8 +2910,9 @@ int main(int argc, char *argv[]) break; case 'l': copylabel = -1; - fslabel = strdup(optarg); - if (strlen(fslabel) > BTRFS_LABEL_SIZE) { + fslabel[BTRFS_LABEL_SIZE] = 0; + strncpy(fslabel, optarg, sizeof(fslabel)); + if (fslabel[BTRFS_LABEL_SIZE]) { fprintf(stderr, "warning: label too long, trimmed to %d bytes\n", BTRFS_LABEL_SIZE);
In btrfs-convert main(), strdup() allocates memory to fslabel but that memory is not freed. We could fix it by adding free() calls to every return point, but that would make the code messy because there are several return paths. So I fix it by changing the code using strdup() with local array and strncpy(). And btrfs-convert main() guarantees that string length of fslabel is not to exceed 'BTRFS_LABEL_SIZE', so it's enough to use strcpy() instead of strncpy() to copy fslabel in do_convert(). Signed-off-by: Byongho Lee <bhlee.kernel@gmail.com> --- btrfs-convert.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-)