From patchwork Mon Feb 7 12:22:02 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eduardo Silva X-Patchwork-Id: 537861 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter1.kernel.org (8.14.4/8.14.3) with ESMTP id p17CMpuA027253 for ; Mon, 7 Feb 2011 12:22:51 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1750893Ab1BGMWp (ORCPT ); Mon, 7 Feb 2011 07:22:45 -0500 Received: from rcsinet10.oracle.com ([148.87.113.121]:62071 "EHLO rcsinet10.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750725Ab1BGMWo (ORCPT ); Mon, 7 Feb 2011 07:22:44 -0500 Received: from acsinet15.oracle.com (acsinet15.oracle.com [141.146.126.227]) by rcsinet10.oracle.com (Switch-3.4.2/Switch-3.4.2) with ESMTP id p17CMg9k011774 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Mon, 7 Feb 2011 12:22:43 GMT Received: from acsmt354.oracle.com (acsmt354.oracle.com [141.146.40.154]) by acsinet15.oracle.com (Switch-3.4.2/Switch-3.4.1) with ESMTP id p17CKod8009325 for ; Mon, 7 Feb 2011 12:22:42 GMT Received: from abhmt005.oracle.com by acsmt353.oracle.com with ESMTP id 984279661297081326; Mon, 07 Feb 2011 04:22:06 -0800 Received: from [10.159.219.53] (/10.159.219.53) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Mon, 07 Feb 2011 04:22:06 -0800 Subject: [PATCH] Btrfs-progs use safe string manipulation functions From: Eduardo Silva To: linux-btrfs@vger.kernel.org Date: Mon, 07 Feb 2011 09:22:02 -0300 Message-ID: <1297081322.4615.10.camel@monotop> Mime-Version: 1.0 X-Mailer: Evolution 2.30.3 X-Source-IP: acsmt354.oracle.com [141.146.40.154] X-Auth-Type: Internal IP X-CT-RefId: str=0001.0A090206.4D4FE412.00A0:SCFMA4539814,ss=1,fgs=0 Sender: linux-btrfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-btrfs@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.6 (demeter1.kernel.org [140.211.167.41]); Mon, 07 Feb 2011 12:22:51 +0000 (UTC) From 5fc888c71981e4b74ba29dd53bf0d5a65b3ee504 Mon Sep 17 00:00:00 2001 From: Eduardo Silva Date: Mon, 7 Feb 2011 08:55:04 -0300 Subject: [PATCH] [PATCH] Btrfs-progs use safe string manipulation functions Signed-off-by: Eduardo Silva --- btrfs_cmds.c | 14 +++++++------- btrfsctl.c | 2 +- convert.c | 2 +- utils.c | 9 +++++---- 4 files changed, 14 insertions(+), 13 deletions(-) diff --git a/btrfs_cmds.c b/btrfs_cmds.c index 8031c58..fffb423 100644 --- a/btrfs_cmds.c +++ b/btrfs_cmds.c @@ -375,7 +375,7 @@ int do_clone(int argc, char **argv) printf("Create a snapshot of '%s' in '%s/%s'\n", subvol, dstdir, newname); args.fd = fd; - strcpy(args.name, newname); + strncpy(args.name, newname, BTRFS_PATH_NAME_MAX); res = ioctl(fddst, BTRFS_IOC_SNAP_CREATE, &args); close(fd); @@ -436,7 +436,7 @@ int do_delete_subvolume(int argc, char **argv) } printf("Delete subvolume '%s/%s'\n", dname, vname); - strcpy(args.name, vname); + strncpy(args.name, vname, BTRFS_PATH_NAME_MAX); res = ioctl(fd, BTRFS_IOC_SNAP_DESTROY, &args); close(fd); @@ -490,7 +490,7 @@ int do_create_subvol(int argc, char **argv) } printf("Create subvolume '%s/%s'\n", dstdir, newname); - strcpy(args.name, newname); + strncpy(args.name, newname, BTRFS_PATH_NAME_MAX); res = ioctl(fddst, BTRFS_IOC_SUBVOL_CREATE, &args); close(fddst); @@ -553,7 +553,7 @@ int do_scan(int argc, char **argv) printf("Scanning for Btrfs filesystems in '%s'\n", argv[i]); - strcpy(args.name, argv[i]); + strncpy(args.name, argv[i], BTRFS_PATH_NAME_MAX); /* * FIXME: which are the error code returned by this ioctl ? * it seems that is impossible to understand if there no is @@ -593,7 +593,7 @@ int do_resize(int argc, char **argv) } printf("Resize '%s' of '%s'\n", path, amount); - strcpy(args.name, amount); + strncpy(args.name, amount, BTRFS_PATH_NAME_MAX); res = ioctl(fd, BTRFS_IOC_RESIZE, &args); close(fd); if( res < 0 ){ @@ -736,7 +736,7 @@ int do_add_volume(int nargs, char **args) } close(devfd); - strcpy(ioctl_args.name, args[i]); + strncpy(ioctl_args.name, args[i], BTRFS_PATH_NAME_MAX); res = ioctl(fdmnt, BTRFS_IOC_ADD_DEV, &ioctl_args); if(res<0){ fprintf(stderr, "ERROR: error adding the device '%s'\n", args[i]); @@ -792,7 +792,7 @@ int do_remove_volume(int nargs, char **args) struct btrfs_ioctl_vol_args arg; int res; - strcpy(arg.name, args[i]); + strncpy(arg.name, args[i], BTRFS_PATH_NAME_MAX); res = ioctl(fdmnt, BTRFS_IOC_RM_DEV, &arg); if(res<0){ fprintf(stderr, "ERROR: error removing the device '%s'\n", args[i]); diff --git a/btrfsctl.c b/btrfsctl.c index 92bdf39..adfa519 100644 --- a/btrfsctl.c +++ b/btrfsctl.c @@ -237,7 +237,7 @@ int main(int ac, char **av) } if (name) - strcpy(args.name, name); + strncpy(args.name, name, BTRFS_PATH_NAME_MAX + 1); else args.name[0] = '\0'; diff --git a/convert.c b/convert.c index d037c98..fbcf4a3 100644 --- a/convert.c +++ b/convert.c @@ -857,7 +857,7 @@ static int copy_single_xattr(struct btrfs_trans_handle *trans, data = databuf; datalen = bufsize; } - strcpy(namebuf, xattr_prefix_table[name_index]); + strncpy(namebuf, xattr_prefix_table[name_index], XATTR_NAME_MAX); strncat(namebuf, EXT2_EXT_ATTR_NAME(entry), entry->e_name_len); if (name_len + datalen > BTRFS_LEAF_DATA_SIZE(root) - sizeof(struct btrfs_item) - sizeof(struct btrfs_dir_item)) { diff --git a/utils.c b/utils.c index fd894f3..96ef94d 100644 --- a/utils.c +++ b/utils.c @@ -108,7 +108,7 @@ int make_btrfs(int fd, const char *device, const char *label, btrfs_set_super_csum_type(&super, BTRFS_CSUM_TYPE_CRC32); btrfs_set_super_chunk_root_generation(&super, 1); if (label) - strcpy(super.label, label); + strncpy(super.label, label, BTRFS_LABEL_SIZE - 1); buf = malloc(sizeof(*buf) + max(sectorsize, leafsize)); @@ -828,7 +828,7 @@ void btrfs_register_one_device(char *fname) "skipping device registration\n"); return; } - strcpy(args.name, fname); + strncpy(args.name, fname, BTRFS_PATH_NAME_MAX); ret = ioctl(fd, BTRFS_IOC_SCAN_DEV, &args); close(fd); } @@ -971,6 +971,7 @@ static char *size_strs[] = { "", "KB", "MB", "GB", "TB", char *pretty_sizes(u64 size) { int num_divs = 0; + int pretty_len = 16; u64 last_size = size; u64 fract_size = size; float fraction; @@ -988,8 +989,8 @@ char *pretty_sizes(u64 size) return NULL; fraction = (float)fract_size / 1024; - pretty = malloc(16); - sprintf(pretty, "%.2f%s", fraction, size_strs[num_divs-1]); + pretty = malloc(pretty_len); + snprintf(pretty, pretty_len, "%.2f%s", fraction, size_strs[num_divs-1]); return pretty; } -- 1.7.1