diff options
author | Amar Tumballi <amarts@redhat.com> | 2018-11-06 22:47:41 +0530 |
---|---|---|
committer | Shyamsundar Ranganathan <srangana@redhat.com> | 2018-11-09 14:03:02 +0000 |
commit | 83304fedb464fe3f97db662ce3e07bd948b7b7d9 (patch) | |
tree | e9bc09af05900b562a99bff6ff964ed19a9bf685 /libglusterfs/src/client_t.c | |
parent | 7136414bcc0426270f1df8720018af1b53fd228a (diff) |
all: fix the format string exceptions
Currently, there are possibilities in few places, where a user-controlled
(like filename, program parameter etc) string can be passed as 'fmt' for
printf(), which can lead to segfault, if the user's string contains '%s',
'%d' in it.
While fixing it, makes sense to make the explicit check for such issues
across the codebase, by making the format call properly.
Fixes: CVE-2018-14661
Fixes: bz#1647666
Change-Id: Ib547293f2d9eb618594cbff0df3b9c800e88bde4
Signed-off-by: Amar Tumballi <amarts@redhat.com>
Diffstat (limited to 'libglusterfs/src/client_t.c')
-rw-r--r-- | libglusterfs/src/client_t.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/libglusterfs/src/client_t.c b/libglusterfs/src/client_t.c index 35e0beda8d6..586cbd84e5c 100644 --- a/libglusterfs/src/client_t.c +++ b/libglusterfs/src/client_t.c @@ -585,7 +585,8 @@ client_dump(client_t *client, char *prefix) if (!client) return; - gf_proc_dump_write("refcount", GF_PRI_ATOMIC, GF_ATOMIC_GET(client->count)); + gf_proc_dump_write("refcount", "%" GF_PRI_ATOMIC, + GF_ATOMIC_GET(client->count)); } void @@ -626,7 +627,7 @@ clienttable_dump(clienttable_t *clienttable, char *prefix) if (GF_CLIENTENTRY_ALLOCATED == clienttable->cliententries[i].next_free) { gf_proc_dump_build_key(key, prefix, "cliententry[%d]", i); - gf_proc_dump_add_section(key); + gf_proc_dump_add_section("%s", key); cliententry_dump(&clienttable->cliententries[i], key); } } @@ -773,7 +774,7 @@ gf_client_dump_fdtables(xlator_t *this) gf_proc_dump_write(key, "%s", client->subdir_mount); } gf_proc_dump_build_key(key, "conn", "%d.ref", count); - gf_proc_dump_write(key, GF_PRI_ATOMIC, + gf_proc_dump_write(key, "%" GF_PRI_ATOMIC, GF_ATOMIC_GET(client->count)); if (client->bound_xl) { gf_proc_dump_build_key(key, "conn", "%d.bound_xl", count); |