diff options
| author | Amar Tumballi <amarts@redhat.com> | 2018-11-01 07:25:25 +0530 |
|---|---|---|
| committer | Shyamsundar Ranganathan <srangana@redhat.com> | 2018-11-05 18:50:59 +0000 |
| commit | 74e8328d3f6901d6ba38a313965fe910c8411324 (patch) | |
| tree | 4816063d412cf9e436da301fccf165485bf22e18 /xlators/performance/quick-read | |
| parent | 2effe3b0d3fa51fc627c970353de2e326bcf1ef2 (diff) | |
all: fix the format string exceptions
Currently, there are possibilities in few places, where a user-controlled
(like filename, program parameter etc) string can be passed as 'fmt' for
printf(), which can lead to segfault, if the user's string contains '%s',
'%d' in it.
While fixing it, makes sense to make the explicit check for such issues
across the codebase, by making the format call properly.
Fixes: CVE-2018-14661
Fixes: bz#1644763
Change-Id: Ib547293f2d9eb618594cbff0df3b9c800e88bde4
Signed-off-by: Amar Tumballi <amarts@redhat.com>
Diffstat (limited to 'xlators/performance/quick-read')
| -rw-r--r-- | xlators/performance/quick-read/src/quick-read.c | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/xlators/performance/quick-read/src/quick-read.c b/xlators/performance/quick-read/src/quick-read.c index 21734607390..ea61a2ec302 100644 --- a/xlators/performance/quick-read/src/quick-read.c +++ b/xlators/performance/quick-read/src/quick-read.c @@ -1044,7 +1044,7 @@ qr_inodectx_dump(xlator_t *this, inode_t *inode) gf_proc_dump_build_key(key_prefix, "xlator.performance.quick-read", "inodectx"); - gf_proc_dump_add_section(key_prefix); + gf_proc_dump_add_section("%s", key_prefix); gf_proc_dump_write("entire-file-cached", "%s", qr_inode->data ? "yes" : "no"); @@ -1088,9 +1088,9 @@ qr_priv_dump(xlator_t *this) gf_proc_dump_build_key(key_prefix, "xlator.performance.quick-read", "priv"); - gf_proc_dump_add_section(key_prefix); + gf_proc_dump_add_section("%s", key_prefix); - gf_proc_dump_write("max_file_size", "%d", conf->max_file_size); + gf_proc_dump_write("max_file_size", "%" PRIu64, conf->max_file_size); gf_proc_dump_write("cache_timeout", "%d", conf->cache_timeout); if (!table) { @@ -1106,11 +1106,13 @@ qr_priv_dump(xlator_t *this) } gf_proc_dump_write("total_files_cached", "%d", file_count); - gf_proc_dump_write("total_cache_used", "%d", total_size); - gf_proc_dump_write("cache-hit", "%" PRId64, priv->qr_counter.cache_hit); - gf_proc_dump_write("cache-miss", "%" PRId64, priv->qr_counter.cache_miss); - gf_proc_dump_write("cache-invalidations", "%" PRId64, - priv->qr_counter.file_data_invals); + gf_proc_dump_write("total_cache_used", "%" PRIu64, total_size); + gf_proc_dump_write("cache-hit", "%" GF_PRI_ATOMIC, + GF_ATOMIC_GET(priv->qr_counter.cache_hit)); + gf_proc_dump_write("cache-miss", "%" GF_PRI_ATOMIC, + GF_ATOMIC_GET(priv->qr_counter.cache_miss)); + gf_proc_dump_write("cache-invalidations", "%" GF_PRI_ATOMIC, + GF_ATOMIC_GET(priv->qr_counter.file_data_invals)); out: return 0; |