diff options
author | Emmanuel Dreyfus <manu@netbsd.org> | 2015-04-27 06:37:01 +0200 |
---|---|---|
committer | Vijay Bellur <vbellur@redhat.com> | 2015-04-27 05:33:00 -0700 |
commit | ed96153b8a2586ccf00885ed73836921e26e5837 (patch) | |
tree | 5c7e6fdc78e504ff0fd1d02b453b03161ebd99db /xlators/cluster | |
parent | f2026fd6d5993fa5d57ccb7b0add832cef14e09c (diff) |
tier: fix off-by-one overrun in UUID string
UUID strings are UUID_CANONICAL_FORM_LEN (36) bytes long
plus the trailing nul character that various function (e.g.:
uuid_unparse) will add. As a consequence, UUID strings must
be declared as UUID_CANONICAL_FORM_LEN+1 long, otherwise
we get a off-by-one overrun that corrupts the next variable
on stack.
Backport of: I5837ad6ca06fa17cc7ab143eedd02d8099ecca2a
BUG: 1212676
Change-Id: I27bd223bdd72cda679b7cdc861e09e0f367bd6e4
Signed-off-by: Emmanuel Dreyfus <manu@netbsd.org>
Reviewed-on: http://review.gluster.org/10395
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Dan Lambright <dlambrig@redhat.com>
Diffstat (limited to 'xlators/cluster')
-rw-r--r-- | xlators/cluster/dht/src/tier.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/xlators/cluster/dht/src/tier.c b/xlators/cluster/dht/src/tier.c index cf481c5e7f2..f9c47fd5bc5 100644 --- a/xlators/cluster/dht/src/tier.c +++ b/xlators/cluster/dht/src/tier.c @@ -389,7 +389,7 @@ static int tier_gf_query_callback (gfdb_query_record_t *gfdb_query_record, void *_args) { int ret = -1; - char gfid_str[UUID_CANONICAL_FORM_LEN] = ""; + char gfid_str[UUID_CANONICAL_FORM_LEN+1] = ""; query_cbk_args_t *query_cbk_args = _args; GF_VALIDATE_OR_GOTO ("tier", query_cbk_args, out); |