From 90f72efed8313efe0410634677f36d0fbdc5eab4 Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox@samba.org>
Date: Tue, 31 Mar 2015 09:41:10 +0200
Subject: features/changelog: fix possible illegal memory access (CID 1288821)

Coverity CID 1288821

strncpy executed with a limit equal to the target array
size potentially leaves the target string not null terminated.
Make sure the copied string is a valid 0 terminated string.

Change-Id: I5ecc60549864cf50e3facbb8a2d9228cd67b57b5
BUG: 789278
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-on: http://review.gluster.org/10061
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Reviewed-by: Venky Shankar <vshankar@redhat.com>
Tested-by: Venky Shankar <vshankar@redhat.com>
---
 xlators/features/changelog/lib/src/gf-changelog.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/xlators/features/changelog/lib/src/gf-changelog.c b/xlators/features/changelog/lib/src/gf-changelog.c
index f2a5135e12a..82abc662632 100644
--- a/xlators/features/changelog/lib/src/gf-changelog.c
+++ b/xlators/features/changelog/lib/src/gf-changelog.c
@@ -357,7 +357,8 @@ gf_setup_brick_connection (xlator_t *this,
         entry->connstate = GF_CHANGELOG_CONN_STATE_PENDING;
 
         entry->notify = brick->filter;
-        (void) strncpy (entry->brick, brick->brick_path, PATH_MAX);
+        (void) strncpy (entry->brick, brick->brick_path, PATH_MAX-1);
+        entry->brick[PATH_MAX-1] = 0;
 
         entry->this = this;
         entry->invokerxl = xl;
-- 
cgit