summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRaghavendra G <rgowdapp@redhat.com>2016-05-06 12:26:29 +0530
committerRaghavendra G <rgowdapp@redhat.com>2016-08-25 05:18:09 -0700
commitc68b561f048a02f479819b1c9cb3b5b896db18a6 (patch)
tree08ebde402edbeab8af553d786ff70f112ba8e0ef
parentafabb66f36b75db4d5aee46e694990b63f454133 (diff)
quotad: fix potential buffer overflows
This converts sprintf to gf_asprintf in following components: * quotad.c * dht * afr * protocol/client * rpc/rpc-lib * rpc/rpc-transport Change-Id: If8a267bab3d91003bdef3a92664077a0136745ee BUG: 1332073 Signed-off-by: Raghavendra G <rgowdapp@redhat.com> Reviewed-on: http://review.gluster.org/14102 Tested-by: Manikandan Selvaganesh <mselvaga@redhat.com> Smoke: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: Manikandan Selvaganesh <mselvaga@redhat.com>
-rw-r--r--libglusterfs/src/common-utils.c11
-rw-r--r--libglusterfs/src/graph.c9
-rw-r--r--xlators/cluster/dht/src/dht-helper.c18
-rw-r--r--xlators/cluster/dht/src/dht-messages.h9
4 files changed, 37 insertions, 10 deletions
diff --git a/libglusterfs/src/common-utils.c b/libglusterfs/src/common-utils.c
index 311ed72d04c..8dc5141247e 100644
--- a/libglusterfs/src/common-utils.c
+++ b/libglusterfs/src/common-utils.c
@@ -668,9 +668,14 @@ gf_dump_config_flags ()
/* Define to the full name and version of this package. */
#ifdef PACKAGE_STRING
{
- char msg[128];
- sprintf (msg, "package-string: %s", PACKAGE_STRING);
- gf_msg_plain_nomem (GF_LOG_ALERT, msg);
+ char *msg = NULL;
+ int ret = -1;
+
+ ret = gf_asprintf (&msg, "package-string: %s", PACKAGE_STRING);
+ if (ret >= 0) {
+ gf_msg_plain_nomem (GF_LOG_ALERT, msg);
+ GF_FREE (msg);
+ }
}
#endif
diff --git a/libglusterfs/src/graph.c b/libglusterfs/src/graph.c
index 2e290bb20a1..04bb92c7c75 100644
--- a/libglusterfs/src/graph.c
+++ b/libglusterfs/src/graph.c
@@ -598,16 +598,19 @@ _glusterfs_reachable_leaves(xlator_t *base, xlator_t *xl, dict_t *leaves)
xlator_list_t *list = NULL;
int err = 1;
int pos = 0;
- char strpos[6];
+ char *strpos = NULL;
if (glusterfs_is_leaf(xl)) {
pos = glusterfs_leaf_position(xl);
if (pos < 0)
goto out;
- sprintf(strpos, "%d", pos);
- err = dict_set_static_ptr(leaves, strpos, base);
+ err = gf_asprintf(&strpos, "%d", pos);
+ if (err >= 0) {
+ err = dict_set_static_ptr(leaves, strpos, base);
+ GF_FREE (strpos);
+ }
} else {
for (err = 0, list = xl->children;
!err && list;
diff --git a/xlators/cluster/dht/src/dht-helper.c b/xlators/cluster/dht/src/dht-helper.c
index 590d0043507..255c0823aac 100644
--- a/xlators/cluster/dht/src/dht-helper.c
+++ b/xlators/cluster/dht/src/dht-helper.c
@@ -353,17 +353,29 @@ out:
static xlator_t *
dht_get_subvol_from_id(xlator_t *this, int client_id)
{
- xlator_t *xl = NULL;
+ xlator_t *xl = NULL;
dht_conf_t *conf = NULL;
- char sid[6] = { 0 };
+ char *sid = NULL;
+ int32_t ret = -1;
conf = this->private;
- sprintf(sid, "%d", client_id);
+ ret = gf_asprintf(&sid, "%d", client_id);
+ if (ret == -1) {
+ gf_msg (this->name, GF_LOG_ERROR, 0,
+ DHT_MSG_ASPRINTF_FAILED, "asprintf failed while "
+ "fetching subvol from the id");
+ goto out;
+ }
+
if (dict_get_ptr(conf->leaf_to_subvol, sid, (void **) &xl))
xl = NULL;
+ GF_FREE (sid);
+
+out:
return xl;
+
}
int
diff --git a/xlators/cluster/dht/src/dht-messages.h b/xlators/cluster/dht/src/dht-messages.h
index 8c0b9103df1..153f4de0458 100644
--- a/xlators/cluster/dht/src/dht-messages.h
+++ b/xlators/cluster/dht/src/dht-messages.h
@@ -40,7 +40,7 @@
*/
#define GLFS_DHT_BASE GLFS_MSGID_COMP_DHT
-#define GLFS_DHT_NUM_MESSAGES 116
+#define GLFS_DHT_NUM_MESSAGES 117
#define GLFS_MSGID_END (GLFS_DHT_BASE + GLFS_DHT_NUM_MESSAGES + 1)
/* Messages with message IDs */
@@ -1071,5 +1071,12 @@
*/
#define DHT_MSG_LOCK_INODE_UNREF_FAILED (GLFS_DHT_BASE + 116)
+/*
+ * @messageid 109116
+ * @diagnosis
+ * @recommendedaction None
+ */
+#define DHT_MSG_ASPRINTF_FAILED (GLFS_DHT_BASE + 117)
+
#define glfs_msg_end_x GLFS_MSGID_END, "Invalid: End of messages"
#endif /* _DHT_MESSAGES_H_ */