| Message ID | 1446608590-3556-1-git-send-email-jiyin@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On 11/03/2015 10:43 PM, stevens.yin wrote: > From: Jianhong Yin <jiyin@redhat.com> > > The buf[] size in test_export() is not enough for NFS_MAXPATHLEN > + prefix/suffix proto string. Fix it and same issue in dump(). > And just to be on the safe side, %s/sprintf/snprintf/ Next time please add a proper Signed-off-by line. Since I do know the history of this patch I did the Signed-off-by. Committed... steved. > --- > utils/exportfs/exportfs.c | 13 ++++++++----- > 1 file changed, 8 insertions(+), 5 deletions(-) > > diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c > index 8758231..c7a79a6 100644 > --- a/utils/exportfs/exportfs.c > +++ b/utils/exportfs/exportfs.c > @@ -499,9 +499,10 @@ unexportfs(char *arg, int verbose) > > static int can_test(void) > { > - char buf[1024]; > + char buf[1024] = { 0 }; > int fd; > int n; > + size_t bufsiz = sizeof(buf); > > fd = open("/proc/net/rpc/auth.unix.ip/channel", O_WRONLY); > if (fd < 0) > @@ -514,9 +515,9 @@ static int can_test(void) > * commit 2f74f972 (sunrpc: prepare NFS for 2038). > */ > if (time(NULL) > INT_TO_LONG_THRESHOLD_SECS) > - sprintf(buf, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX); > + snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX); > else > - sprintf(buf, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX); > + snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX); > > n = write(fd, buf, strlen(buf)); > close(fd); > @@ -532,7 +533,8 @@ static int can_test(void) > > static int test_export(char *path, int with_fsid) > { > - char buf[1024]; > + /* beside max path, buf size should take protocol str into account */ > + char buf[NFS_MAXPATHLEN+1+64] = { 0 }; > char *bp = buf; > int len = sizeof(buf); > int fd, n; > @@ -758,7 +760,8 @@ dumpopt(char c, char *fmt, ...) > static void > dump(int verbose, int export_format) > { > - char buf[1024]; > + /* buf[] size should >= sizeof(struct exportent->e_path) */ > + char buf[NFS_MAXPATHLEN+1] = { 0 }; > char *bp; > int len; > nfs_export *exp; > -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
----- ???? ----- > ???: "Steve Dickson" <SteveD@redhat.com> > ???: "stevens.yin" <jiyin@redhat.com>, linux-nfs@vger.kernel.org > ????: ???, 2015? 11 ? 05? ?? 5:54:19 > ??: Re: [PATCH] exportfs: Fix buf size in test_export() dump(). > > > > On 11/03/2015 10:43 PM, stevens.yin wrote: > > From: Jianhong Yin <jiyin@redhat.com> > > > > The buf[] size in test_export() is not enough for NFS_MAXPATHLEN > > + prefix/suffix proto string. Fix it and same issue in dump(). > > And just to be on the safe side, %s/sprintf/snprintf/ > Next time please add a proper Signed-off-by line. Since > I do know the history of this patch I did the Signed-off-by. Got it, thanks! > > Committed... > > steved. > > > --- > > utils/exportfs/exportfs.c | 13 ++++++++----- > > 1 file changed, 8 insertions(+), 5 deletions(-) > > > > diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c > > index 8758231..c7a79a6 100644 > > --- a/utils/exportfs/exportfs.c > > +++ b/utils/exportfs/exportfs.c > > @@ -499,9 +499,10 @@ unexportfs(char *arg, int verbose) > > > > static int can_test(void) > > { > > - char buf[1024]; > > + char buf[1024] = { 0 }; > > int fd; > > int n; > > + size_t bufsiz = sizeof(buf); > > > > fd = open("/proc/net/rpc/auth.unix.ip/channel", O_WRONLY); > > if (fd < 0) > > @@ -514,9 +515,9 @@ static int can_test(void) > > * commit 2f74f972 (sunrpc: prepare NFS for 2038). > > */ > > if (time(NULL) > INT_TO_LONG_THRESHOLD_SECS) > > - sprintf(buf, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX); > > + snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX); > > else > > - sprintf(buf, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX); > > + snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX); > > > > n = write(fd, buf, strlen(buf)); > > close(fd); > > @@ -532,7 +533,8 @@ static int can_test(void) > > > > static int test_export(char *path, int with_fsid) > > { > > - char buf[1024]; > > + /* beside max path, buf size should take protocol str into account */ > > + char buf[NFS_MAXPATHLEN+1+64] = { 0 }; > > char *bp = buf; > > int len = sizeof(buf); > > int fd, n; > > @@ -758,7 +760,8 @@ dumpopt(char c, char *fmt, ...) > > static void > > dump(int verbose, int export_format) > > { > > - char buf[1024]; > > + /* buf[] size should >= sizeof(struct exportent->e_path) */ > > + char buf[NFS_MAXPATHLEN+1] = { 0 }; > > char *bp; > > int len; > > nfs_export *exp; > > > -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/utils/exportfs/exportfs.c b/utils/exportfs/exportfs.c index 8758231..c7a79a6 100644 --- a/utils/exportfs/exportfs.c +++ b/utils/exportfs/exportfs.c @@ -499,9 +499,10 @@ unexportfs(char *arg, int verbose) static int can_test(void) { - char buf[1024]; + char buf[1024] = { 0 }; int fd; int n; + size_t bufsiz = sizeof(buf); fd = open("/proc/net/rpc/auth.unix.ip/channel", O_WRONLY); if (fd < 0) @@ -514,9 +515,9 @@ static int can_test(void) * commit 2f74f972 (sunrpc: prepare NFS for 2038). */ if (time(NULL) > INT_TO_LONG_THRESHOLD_SECS) - sprintf(buf, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX); + snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX); else - sprintf(buf, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX); + snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX); n = write(fd, buf, strlen(buf)); close(fd); @@ -532,7 +533,8 @@ static int can_test(void) static int test_export(char *path, int with_fsid) { - char buf[1024]; + /* beside max path, buf size should take protocol str into account */ + char buf[NFS_MAXPATHLEN+1+64] = { 0 }; char *bp = buf; int len = sizeof(buf); int fd, n; @@ -758,7 +760,8 @@ dumpopt(char c, char *fmt, ...) static void dump(int verbose, int export_format) { - char buf[1024]; + /* buf[] size should >= sizeof(struct exportent->e_path) */ + char buf[NFS_MAXPATHLEN+1] = { 0 }; char *bp; int len; nfs_export *exp;
From: Jianhong Yin <jiyin@redhat.com> The buf[] size in test_export() is not enough for NFS_MAXPATHLEN + prefix/suffix proto string. Fix it and same issue in dump(). And just to be on the safe side, %s/sprintf/snprintf/ --- utils/exportfs/exportfs.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-)