summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEmmanuel Dreyfus <manu@netbsd.org>2015-04-27 06:32:40 +0200
committerVijay Bellur <vbellur@redhat.com>2015-04-27 05:32:50 -0700
commit464d0d15328bd54173b367953ba9ee58d697afe5 (patch)
tree3593026f6ca2d7437155d74413623489f3f85be7
parent472d5c67013913ca8646f32ece214a767a955ef9 (diff)
tier: fix off-by-one overrun in UUID string
UUID strings are UUID_CANONICAL_FORM_LEN (36) bytes long plus the trailing nul character that various function (e.g.: uuid_unparse) will add. As a consequence, UUID strings must be declared as UUID_CANONICAL_FORM_LEN+1 long, otherwise we get a off-by-one overrun that corrupts the next variable on stack. BUG: 1129939 Change-Id: I5837ad6ca06fa17cc7ab143eedd02d8099ecca2a Signed-off-by: Emmanuel Dreyfus <manu@netbsd.org> Reviewed-on: http://review.gluster.org/10394 Tested-by: NetBSD Build System Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com>
-rw-r--r--xlators/cluster/dht/src/tier.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/xlators/cluster/dht/src/tier.c b/xlators/cluster/dht/src/tier.c
index cbe91c362c8..8180d77787d 100644
--- a/xlators/cluster/dht/src/tier.c
+++ b/xlators/cluster/dht/src/tier.c
@@ -389,7 +389,7 @@ static int
tier_gf_query_callback (gfdb_query_record_t *gfdb_query_record,
void *_args) {
int ret = -1;
- char gfid_str[UUID_CANONICAL_FORM_LEN] = "";
+ char gfid_str[UUID_CANONICAL_FORM_LEN+1] = "";
query_cbk_args_t *query_cbk_args = _args;
GF_VALIDATE_OR_GOTO ("tier", query_cbk_args, out);