From c68b561f048a02f479819b1c9cb3b5b896db18a6 Mon Sep 17 00:00:00 2001
From: Raghavendra G <rgowdapp@redhat.com>
Date: Fri, 6 May 2016 12:26:29 +0530
Subject: quotad: fix potential buffer overflows

This converts sprintf to gf_asprintf in following components:                                                                                                          * quotad.c
* dht
* afr
* protocol/client
* rpc/rpc-lib
* rpc/rpc-transport

Change-Id: If8a267bab3d91003bdef3a92664077a0136745ee
BUG: 1332073
Signed-off-by: Raghavendra G <rgowdapp@redhat.com>
Reviewed-on: http://review.gluster.org/14102
Tested-by: Manikandan Selvaganesh <mselvaga@redhat.com>
Smoke: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: Manikandan Selvaganesh <mselvaga@redhat.com>
---
 xlators/cluster/dht/src/dht-helper.c   | 18 +++++++++++++++---
 xlators/cluster/dht/src/dht-messages.h |  9 ++++++++-
 2 files changed, 23 insertions(+), 4 deletions(-)

(limited to 'xlators')

diff --git a/xlators/cluster/dht/src/dht-helper.c b/xlators/cluster/dht/src/dht-helper.c
index 590d0043507..255c0823aac 100644
--- a/xlators/cluster/dht/src/dht-helper.c
+++ b/xlators/cluster/dht/src/dht-helper.c
@@ -353,17 +353,29 @@ out:
 static xlator_t *
 dht_get_subvol_from_id(xlator_t *this, int client_id)
 {
-        xlator_t *xl = NULL;
+        xlator_t   *xl   = NULL;
         dht_conf_t *conf = NULL;
-        char sid[6] = { 0 };
+        char       *sid  = NULL;
+        int32_t     ret  = -1;
 
         conf = this->private;
 
-        sprintf(sid, "%d", client_id);
+        ret = gf_asprintf(&sid, "%d", client_id);
+        if (ret == -1) {
+                gf_msg (this->name, GF_LOG_ERROR, 0,
+                        DHT_MSG_ASPRINTF_FAILED, "asprintf failed while "
+                        "fetching subvol from the id");
+                goto out;
+        }
+
         if (dict_get_ptr(conf->leaf_to_subvol, sid, (void **) &xl))
                 xl = NULL;
 
+        GF_FREE (sid);
+
+out:
         return xl;
+
 }
 
 int
diff --git a/xlators/cluster/dht/src/dht-messages.h b/xlators/cluster/dht/src/dht-messages.h
index 8c0b9103df1..153f4de0458 100644
--- a/xlators/cluster/dht/src/dht-messages.h
+++ b/xlators/cluster/dht/src/dht-messages.h
@@ -40,7 +40,7 @@
  */
 
 #define GLFS_DHT_BASE                   GLFS_MSGID_COMP_DHT
-#define GLFS_DHT_NUM_MESSAGES           116
+#define GLFS_DHT_NUM_MESSAGES           117
 #define GLFS_MSGID_END          (GLFS_DHT_BASE + GLFS_DHT_NUM_MESSAGES + 1)
 
 /* Messages with message IDs */
@@ -1071,5 +1071,12 @@
  */
 #define DHT_MSG_LOCK_INODE_UNREF_FAILED  (GLFS_DHT_BASE + 116)
 
+/*
+ * @messageid 109116
+ * @diagnosis
+ * @recommendedaction None
+ */
+#define DHT_MSG_ASPRINTF_FAILED         (GLFS_DHT_BASE + 117)
+
 #define glfs_msg_end_x GLFS_MSGID_END, "Invalid: End of messages"
 #endif /* _DHT_MESSAGES_H_ */
-- 
cgit