diff mbox series

[v2,1/2] Fix unsafe string functions

Message ID 20230511025513.13783-2-kinga.tanska@intel.com (mailing list archive)
State Mainlined, archived
Delegated to: Jes Sorensen
Headers show
Series Fix unsafe string functions | expand

Commit Message

Kinga Tanska May 11, 2023, 2:55 a.m. UTC
Add string length limitations where necessary to
avoid buffer overflows.

Signed-off-by: Kinga Tanska <kinga.tanska@intel.com>
---
 mdmon.c          | 6 +++---
 mdopen.c         | 4 ++--
 platform-intel.c | 2 +-
 super-intel.c    | 6 +++---
 4 files changed, 9 insertions(+), 9 deletions(-)
diff mbox series

Patch

diff --git a/mdmon.c b/mdmon.c
index cef5bbc8..a2038fe6 100644
--- a/mdmon.c
+++ b/mdmon.c
@@ -240,7 +240,7 @@  static int make_control_sock(char *devname)
 		return -1;
 
 	addr.sun_family = PF_LOCAL;
-	strcpy(addr.sun_path, path);
+	snprintf(addr.sun_path, sizeof(addr.sun_path), "%s", path);
 	umask(077); /* ensure no world write access */
 	if (bind(sfd, (struct sockaddr*)&addr, sizeof(addr)) < 0) {
 		close(sfd);
@@ -389,7 +389,7 @@  int main(int argc, char *argv[])
 
 	if (all) {
 		struct mdstat_ent *mdstat, *e;
-		int container_len = strlen(container_name);
+		int container_len = strnlen(container_name, MD_NAME_MAX);
 
 		/* launch an mdmon instance for each container found */
 		mdstat = mdstat_read(0, 0);
@@ -472,7 +472,7 @@  static int mdmon(char *devnm, int must_fork, int takeover)
 		pfd[0] = pfd[1] = -1;
 
 	container = xcalloc(1, sizeof(*container));
-	strcpy(container->devnm, devnm);
+	snprintf(container->devnm, MD_NAME_MAX, "%s", devnm);
 	container->arrays = NULL;
 	container->sock = -1;
 
diff --git a/mdopen.c b/mdopen.c
index d3022a54..3daa71f9 100644
--- a/mdopen.c
+++ b/mdopen.c
@@ -193,14 +193,14 @@  int create_mddev(char *dev, char *name, int autof, int trustworthy,
 
 	if (dev) {
 		if (strncmp(dev, DEV_MD_DIR, DEV_MD_DIR_LEN) == 0) {
-			strcpy(cname, dev + DEV_MD_DIR_LEN);
+			snprintf(cname, MD_NAME_MAX, "%s", dev + DEV_MD_DIR_LEN);
 		} else if (strncmp(dev, "/dev/", 5) == 0) {
 			char *e = dev + strlen(dev);
 			while (e > dev && isdigit(e[-1]))
 				e--;
 			if (e[0])
 				num = strtoul(e, NULL, 10);
-			strcpy(cname, dev+5);
+			snprintf(cname, MD_NAME_MAX, "%s", dev + 5);
 			cname[e-(dev+5)] = 0;
 			/* name *must* be mdXX or md_dXX in this context */
 			if (num < 0 ||
diff --git a/platform-intel.c b/platform-intel.c
index 914164c0..eb6e1b7e 100644
--- a/platform-intel.c
+++ b/platform-intel.c
@@ -214,7 +214,7 @@  struct sys_dev *device_by_id_and_path(__u16 device_id, const char *path)
 
 static int devpath_to_ll(const char *dev_path, const char *entry, unsigned long long *val)
 {
-	char path[strlen(dev_path) + strlen(entry) + 2];
+	char path[strnlen(dev_path, PATH_MAX) + strnlen(entry, PATH_MAX) + 2];
 	int fd;
 	int n;
 
diff --git a/super-intel.c b/super-intel.c
index ae0f4a8c..18a0e505 100644
--- a/super-intel.c
+++ b/super-intel.c
@@ -6998,7 +6998,7 @@  active_arrays_by_format(char *name, char* hba, struct md_list **devlist,
 			int fd = -1;
 			while (dev && !is_fd_valid(fd)) {
 				char *path = xmalloc(strlen(dev->name) + strlen("/dev/") + 1);
-				num = sprintf(path, "%s%s", "/dev/", dev->name);
+				num = snprintf(path, PATH_MAX, "%s%s", "/dev/", dev->name);
 				if (num > 0)
 					fd = open(path, O_RDONLY, 0);
 				if (num <= 0 || !is_fd_valid(fd)) {
@@ -7897,7 +7897,7 @@  static int kill_subarray_imsm(struct supertype *st, char *subarray_id)
 
 		if (i < current_vol)
 			continue;
-		sprintf(subarray, "%u", i);
+		snprintf(subarray, sizeof(subarray), "%u", i);
 		if (is_subarray_active(subarray, st->devnm)) {
 			pr_err("deleting subarray-%d would change the UUID of active subarray-%d, aborting\n",
 			       current_vol, i);
@@ -11270,7 +11270,7 @@  static const char *imsm_get_disk_controller_domain(const char *path)
 	char *drv=NULL;
 	struct stat st;
 
-	strcpy(disk_path, disk_by_path);
+	strncpy(disk_path, disk_by_path, PATH_MAX);
 	strncat(disk_path, path, PATH_MAX - strlen(disk_path) - 1);
 	if (stat(disk_path, &st) == 0) {
 		struct sys_dev* hba;