diff options
author | Amar Tumballi <amarts@redhat.com> | 2018-11-06 22:47:41 +0530 |
---|---|---|
committer | Shyamsundar Ranganathan <srangana@redhat.com> | 2018-11-09 14:03:02 +0000 |
commit | 83304fedb464fe3f97db662ce3e07bd948b7b7d9 (patch) | |
tree | e9bc09af05900b562a99bff6ff964ed19a9bf685 /xlators/mgmt/glusterd/src/glusterd-quota.c | |
parent | 7136414bcc0426270f1df8720018af1b53fd228a (diff) |
all: fix the format string exceptions
Currently, there are possibilities in few places, where a user-controlled
(like filename, program parameter etc) string can be passed as 'fmt' for
printf(), which can lead to segfault, if the user's string contains '%s',
'%d' in it.
While fixing it, makes sense to make the explicit check for such issues
across the codebase, by making the format call properly.
Fixes: CVE-2018-14661
Fixes: bz#1647666
Change-Id: Ib547293f2d9eb618594cbff0df3b9c800e88bde4
Signed-off-by: Amar Tumballi <amarts@redhat.com>
Diffstat (limited to 'xlators/mgmt/glusterd/src/glusterd-quota.c')
-rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-quota.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/xlators/mgmt/glusterd/src/glusterd-quota.c b/xlators/mgmt/glusterd/src/glusterd-quota.c index 1734d5e10e5..6029b738590 100644 --- a/xlators/mgmt/glusterd/src/glusterd-quota.c +++ b/xlators/mgmt/glusterd/src/glusterd-quota.c @@ -2169,7 +2169,7 @@ glusterd_op_stage_quota(dict_t *dict, char **op_errstr, dict_t *rsp_dict) gf_asprintf(op_errstr, "Hard-limit " "value out of range (0 - %" PRId64 "): %s", - hard_limit_str); + hard_limit, hard_limit_str); else gf_msg(this->name, GF_LOG_ERROR, errno, GD_MSG_CONVERSION_FAILED, |