From d3b0af8e64df14ff310044f35387c9de4d36df0a Mon Sep 17 00:00:00 2001 From: Susant Palai Date: Thu, 26 Jul 2018 00:51:33 +0530 Subject: cloudsync: fix -Werror=format-truncation error on gcc8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Here is the gcc8 warning: libcloudsyncs3.c: In function ‘aws_download_s3’: libcloudsyncs3.c:480:48: error: ‘%s’ directive output may be truncated writing up to 4095 bytes into a region of size 1015 [-Werror=format-truncation=] snprintf(buf, sizeof(buf), "https://%s/%s", priv->hostname, resource); libcloudsyncs3.c:480:9: note: ‘snprintf’ output 10 or more bytes (assuming 4105) into a destination of size 1024 snprintf(buf, sizeof(buf), "https://%s/%s", priv->hostname, resource); Memleak: It fixes a memleak as well where sign_req in fn: aws_form_request was not freed. Adjusted the calloc size for sign_req as well to match with the demand. Test: Have tested the local cloudsync regression test to validate the changes. Smoke validation will be sufficient for the gcc8 warning fixes. Fixes: bz#1609126 Change-Id: I1c537b30168f2e0b54862344a951843e86b0b488 Signed-off-by: Susant Palai --- .../src/cloudsyncs3/src/libcloudsyncs3.c | 64 +++++++++++++++++----- 1 file changed, 51 insertions(+), 13 deletions(-) (limited to 'xlators/features/cloudsync') diff --git a/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c b/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c index 74e50871472..dc6a598fa81 100644 --- a/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c +++ b/xlators/features/cloudsync/src/cloudsync-plugins/src/cloudsyncs3/src/libcloudsyncs3.c @@ -241,29 +241,46 @@ aws_form_request (char *resource, char **date, char *reqtype, char *bucketid, time_t ctime; struct tm *gtime = NULL; char *sign_req = NULL; + int signreq_len = -1; + int date_len = -1; + int res_len = -1; ctime = time(NULL); gtime = gmtime(&ctime); - memset (httpdate, 0, sizeof(httpdate)); - strftime (httpdate, sizeof(httpdate), "%a, %d %b %Y %H:%M:%S +0000", - gtime); - *date = gf_strdup (httpdate); + date_len = strftime (httpdate, sizeof(httpdate), + "%a, %d %b %Y %H:%M:%S +0000", gtime); - memset (resource, 0, RESOURCE_SIZE); + *date = gf_strndup (httpdate, date_len); + if (*date == NULL) { + gf_msg ("CS", GF_LOG_ERROR, ENOMEM, 0, "memory allocation " + "failure for date"); + goto out; + } - snprintf(resource, RESOURCE_SIZE, "%s/%s", bucketid, filepath); + res_len = snprintf(resource, RESOURCE_SIZE, "%s/%s", bucketid, + filepath); gf_msg_debug ("CS", 0, "resource %s", resource); - sign_req = GF_CALLOC (1, 256, gf_common_mt_char); + /* 6 accounts for the 4 new line chars, one forward slash and + * one null char */ + signreq_len = res_len + date_len + strlen(reqtype) + 6; + + sign_req = GF_MALLOC (signreq_len, gf_common_mt_char); + if (sign_req == NULL) { + gf_msg ("CS", GF_LOG_ERROR, ENOMEM, 0, "memory allocation " + "failure for sign_req"); + goto out; + } - snprintf(sign_req, 256, "%s\n\n%s\n%s\n/%s", + snprintf(sign_req, signreq_len, "%s\n\n%s\n%s\n/%s", reqtype, "", *date, resource); +out: return sign_req; } @@ -421,7 +438,8 @@ out: int aws_download_s3 (call_frame_t *frame, void *config) { - char buf[1024]; + char *buf; + int bufsize = -1; CURL *handle = NULL; struct curl_slist *slist = NULL; struct curl_slist *tmp = NULL; @@ -437,7 +455,7 @@ aws_download_s3 (call_frame_t *frame, void *config) char *const reqtype = "GET"; char *signature = NULL; cs_local_t *local = NULL; - char resource[4096] = {0,}; + char resource[RESOURCE_SIZE] = {0,}; aws_private_t *priv = NULL; local = frame->local; @@ -472,12 +490,25 @@ aws_download_s3 (call_frame_t *frame, void *config) handle = curl_easy_init(); this = frame->this; - snprintf (buf, 1024, "Date: %s", date); + /* special numbers 6, 20, 10 accounts for static characters in the + * below snprintf string format arguments*/ + bufsize = strlen(date) + 6 + strlen(priv->awskeyid) + strlen(signature) + + 20 + strlen(priv->hostname) + 10; + + buf = (char *)alloca(bufsize); + if (!buf) { + gf_msg ("CS", GF_LOG_ERROR, ENOMEM, 0, "mem allocation " + "failed for buf"); + ret = -1; + goto out; + } + + snprintf (buf, bufsize, "Date: %s", date); slist = curl_slist_append(slist, buf); - snprintf (buf, sizeof(buf), "Authorization: AWS %s:%s", priv->awskeyid, + snprintf (buf, bufsize, "Authorization: AWS %s:%s", priv->awskeyid, signature); slist = curl_slist_append(slist, buf); - snprintf(buf, sizeof(buf), "https://%s/%s", priv->hostname, resource); + snprintf(buf, bufsize, "https://%s/%s", priv->hostname, resource); if (gf_log_get_loglevel () >= GF_LOG_DEBUG) { tmp = slist; @@ -525,6 +556,13 @@ aws_download_s3 (call_frame_t *frame, void *config) curl_easy_cleanup(handle); out: + if (sign_req) + GF_FREE (sign_req); + if (date) + GF_FREE (date); + if (signature) + GF_FREE (signature); + return ret; } -- cgit