quotad: fix potential buffer overflows

This converts sprintf to gf_asprintf in following components: * quotad.c * dht * afr * protocol/client * rpc/rpc-lib * rpc/rpc-transport This is a backport of http://review.gluster.org/#/c/14102/ > Change-Id: If8a267bab3d91003bdef3a92664077a0136745ee > BUG: 1332073 > Signed-off-by: Raghavendra G <rgowdapp@redhat.com> > Reviewed-on: http://review.gluster.org/14102 > Tested-by: Manikandan Selvaganesh <mselvaga@redhat.com> > Smoke: Gluster Build System <jenkins@build.gluster.org> > NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> > CentOS-regression: Gluster Build System <jenkins@build.gluster.org> > Reviewed-by: Manikandan Selvaganesh <mselvaga@redhat.com> Change-Id: If8a267bab3d91003bdef3a92664077a0136745ee BUG: 1366746 Signed-off-by: Raghavendra G <rgowdapp@redhat.com> Reviewed-on: http://review.gluster.org/15325 Smoke: Gluster Build System <jenkins@build.gluster.org> Tested-by: Manikandan Selvaganesh <mselvaga@redhat.com> CentOS-regression: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
author: Raghavendra G <rgowdapp@redhat.com> 2016-05-06 12:26:29 +0530
committer: Raghavendra G <rgowdapp@redhat.com> 2016-08-27 04:10:42 -0700
commit: 6b406ac42f55233df474fa304dbb9e6fc447bd8f (patch)
tree: d4bd0fb066871bd210c0aa836778f7da180580b0
parent: 50fa85c071553b41f33a8167b31c8a9b54cfe3e3 (diff)
4 files changed, 37 insertions, 10 deletions
diff --git a/libglusterfs/src/common-utils.c b/libglusterfs/src/common-utils.c
index b62e69cf102..973e31c636c 100644
--- a/libglusterfs/src/common-utils.c
+++ b/libglusterfs/src/common-utils.c
@@ -667,9 +667,14 @@ gf_dump_config_flags ()
 /* Define to the full name and version of this package. */
 #ifdef PACKAGE_STRING
         {
-                char msg[128];
-                sprintf (msg, "package-string: %s", PACKAGE_STRING);
-                gf_msg_plain_nomem (GF_LOG_ALERT, msg);
+                char *msg = NULL;
+                int   ret = -1;
+
+                ret = gf_asprintf (&msg, "package-string: %s", PACKAGE_STRING);
+                if (ret >= 0) {
+                        gf_msg_plain_nomem (GF_LOG_ALERT, msg);
+                        GF_FREE (msg);
+                }
         }
 #endif
 
diff --git a/libglusterfs/src/graph.c b/libglusterfs/src/graph.c
index 2e290bb20a1..04bb92c7c75 100644
--- a/libglusterfs/src/graph.c
+++ b/libglusterfs/src/graph.c
@@ -598,16 +598,19 @@ _glusterfs_reachable_leaves(xlator_t *base, xlator_t *xl, dict_t *leaves)
         xlator_list_t *list = NULL;
         int err = 1;
         int pos = 0;
-        char strpos[6];
+        char *strpos = NULL;
 
         if (glusterfs_is_leaf(xl)) {
                 pos = glusterfs_leaf_position(xl);
                 if (pos < 0)
                         goto out;
-                sprintf(strpos, "%d", pos);
 
-                err = dict_set_static_ptr(leaves, strpos, base);
+                err = gf_asprintf(&strpos, "%d", pos);
 
+                if (err >= 0) {
+                        err = dict_set_static_ptr(leaves, strpos, base);
+                        GF_FREE (strpos);
+                }
         } else {
                 for (err = 0, list = xl->children;
                      !err && list;
diff --git a/xlators/cluster/dht/src/dht-helper.c b/xlators/cluster/dht/src/dht-helper.c
index 590d0043507..255c0823aac 100644
--- a/xlators/cluster/dht/src/dht-helper.c
+++ b/xlators/cluster/dht/src/dht-helper.c
@@ -353,17 +353,29 @@ out:
 static xlator_t *
 dht_get_subvol_from_id(xlator_t *this, int client_id)
 {
-        xlator_t *xl = NULL;
+        xlator_t   *xl   = NULL;
         dht_conf_t *conf = NULL;
-        char sid[6] = { 0 };
+        char       *sid  = NULL;
+        int32_t     ret  = -1;
 
         conf = this->private;
 
-        sprintf(sid, "%d", client_id);
+        ret = gf_asprintf(&sid, "%d", client_id);
+        if (ret == -1) {
+                gf_msg (this->name, GF_LOG_ERROR, 0,
+                        DHT_MSG_ASPRINTF_FAILED, "asprintf failed while "
+                        "fetching subvol from the id");
+                goto out;
+        }
+
         if (dict_get_ptr(conf->leaf_to_subvol, sid, (void **) &xl))
                 xl = NULL;
 
+        GF_FREE (sid);
+
+out:
         return xl;
+
 }
 
 int
diff --git a/xlators/cluster/dht/src/dht-messages.h b/xlators/cluster/dht/src/dht-messages.h
index 8c0b9103df1..153f4de0458 100644
--- a/xlators/cluster/dht/src/dht-messages.h
+++ b/xlators/cluster/dht/src/dht-messages.h
@@ -40,7 +40,7 @@
  */
 
 #define GLFS_DHT_BASE                   GLFS_MSGID_COMP_DHT
-#define GLFS_DHT_NUM_MESSAGES           116
+#define GLFS_DHT_NUM_MESSAGES           117
 #define GLFS_MSGID_END          (GLFS_DHT_BASE + GLFS_DHT_NUM_MESSAGES + 1)
 
 /* Messages with message IDs */
@@ -1071,5 +1071,12 @@
  */
 #define DHT_MSG_LOCK_INODE_UNREF_FAILED  (GLFS_DHT_BASE + 116)
 
+/*
+ * @messageid 109116
+ * @diagnosis
+ * @recommendedaction None
+ */
+#define DHT_MSG_ASPRINTF_FAILED         (GLFS_DHT_BASE + 117)
+
 #define glfs_msg_end_x GLFS_MSGID_END, "Invalid: End of messages"
 #endif /* _DHT_MESSAGES_H_ */
author	Raghavendra G <rgowdapp@redhat.com>	2016-05-06 12:26:29 +0530
committer	Raghavendra G <rgowdapp@redhat.com>	2016-08-27 04:10:42 -0700
commit	6b406ac42f55233df474fa304dbb9e6fc447bd8f (patch)
tree	d4bd0fb066871bd210c0aa836778f7da180580b0
parent	50fa85c071553b41f33a8167b31c8a9b54cfe3e3 (diff)