[dm-devel] [PATCH 4/4] multipath: Fix a potential buffer overflow
Martin Wilck
mwilck at suse.com
Tue Jun 13 20:18:09 UTC 2017
On Tue, 2017-06-13 at 12:53 -0700, Bart Van Assche wrote:
> On 06/13/17 12:29, Martin Wilck wrote:
> > how about this simpler patch, as prflag is actually a boolean?
> >
> > diff --git a/multipathd/cli_handlers.c b/multipathd/cli_handlers.c
> > index 04c73866..c31ebd34 100644
> > --- a/multipathd/cli_handlers.c
> > +++ b/multipathd/cli_handlers.c
> > @@ -1337,7 +1337,7 @@ cli_getprstatus (void * v, char ** reply, int
> > * len, void * data)
> > memset(*reply,0,2);
> >
> >
> > - sprintf(*reply,"%d",mpp->prflag);
> > + sprintf(*reply, "%d", !!mpp->prflag);
> > (*reply)[1]='\0';
>
> Hello Martin,
>
> Every sprintf() call requires careful analysis to see whether or not
> it
> triggers a buffer overflow. I really would like to get rid of that
> sprintf() call.
Then we could write
snprintf(*reply, 2, "%d", !!mpp->prflag);
without needing _GNU_SOURCE.
Martin
--
Dr. Martin Wilck <mwilck at suse.com>, Tel. +49 (0)911 74053 2107
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton
HRB 21284 (AG Nürnberg)
More information about the dm-devel
mailing list