summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGauravKumarGarg <ggarg@redhat.com>2014-11-28 12:02:20 +0530
committerKaushal M <kaushal@redhat.com>2014-12-08 23:10:39 -0800
commit4aa63e28509eb47d293eddb4f61317d409598c23 (patch)
tree95e2e31ad8425f3d1b836eccae1479e90441bb6b
parent6b83a658ede66ebbb0983f1e4a326fd12cc91c34 (diff)
glusterd: Coverity fix for string_overflow overrun
In function glusterd_dump_peer() it is copying "input_key" into "key" buffer without checking the length which might cause string_overflow overrun. Similar problem with other coverity issue. With this fix it will copy "input_key" into "key" buffer by maximum length of buffer. Coverity CID: 1256171 Coverity CID: 1256172 Coverity CID: 1256174 Change-Id: I4e092309d9503bd79ff82cf83ed5e8d758743453 BUG: 1093692 Signed-off-by: Gaurav Kumar Garg ggarg <ggarg@redhat.com> Reviewed-on: http://review.gluster.org/9208 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Atin Mukherjee <amukherj@redhat.com> Reviewed-by: Kaushal M <kaushal@redhat.com>
Diffstat
-rw-r--r--xlators/mgmt/glusterd/src/glusterd-handshake.c2
-rw-r--r--xlators/mgmt/glusterd/src/glusterd.c4
2 files changed, 3 insertions, 3 deletions
diff --git a/xlators/mgmt/glusterd/src/glusterd-handshake.c b/xlators/mgmt/glusterd/src/glusterd-handshake.c
index 8414fa8e9bb..72e479070b6 100644
--- a/xlators/mgmt/glusterd/src/glusterd-handshake.c
+++ b/xlators/mgmt/glusterd/src/glusterd-handshake.c
@@ -296,7 +296,7 @@ gotvolinfo:
ret = stat (path, &stbuf);
if ((ret == -1) && (errno == ENOENT)) {
- strcpy (dup_volid, volid_ptr);
+ strncpy (dup_volid, volid_ptr, (PATH_MAX - 1));
if (!strchr (dup_volid, '.')) {
switch (volinfo->transport_type) {
case GF_TRANSPORT_TCP:
diff --git a/xlators/mgmt/glusterd/src/glusterd.c b/xlators/mgmt/glusterd/src/glusterd.c
index 1ea2f357026..d81ee435840 100644
--- a/xlators/mgmt/glusterd/src/glusterd.c
+++ b/xlators/mgmt/glusterd/src/glusterd.c
@@ -284,7 +284,7 @@ glusterd_dump_peer (glusterd_peerinfo_t *peerinfo, char *input_key, int index,
char subkey[50] = {0,};
char key[GF_DUMP_MAX_BUF_LEN] = {0,};
- strcpy (key, input_key);
+ strncpy (key, input_key, (GF_DUMP_MAX_BUF_LEN - 1));
snprintf (subkey, sizeof (subkey), "%s%d", key, index);
@@ -327,7 +327,7 @@ glusterd_dump_peer_rpcstat (glusterd_peerinfo_t *peerinfo, char *input_key,
char subkey[50] = {0,};
char key[GF_DUMP_MAX_BUF_LEN] = {0,};
- strcpy (key, input_key);
+ strncpy (key, input_key, (GF_DUMP_MAX_BUF_LEN - 1));
/* Dump the rpc connection statistics */
rpc = peerinfo->rpc;
generated by cgit (git 2.34.1) at 2024-04-19 08:46:44 +0000