From 74dbf0a9aac4b960832029ec122685b5b5009127 Mon Sep 17 00:00:00 2001 From: Amar Tumballi Date: Thu, 1 Nov 2018 07:25:25 +0530 Subject: all: fix the format string exceptions Currently, there are possibilities in few places, where a user-controlled (like filename, program parameter etc) string can be passed as 'fmt' for printf(), which can lead to segfault, if the user's string contains '%s', '%d' in it. While fixing it, makes sense to make the explicit check for such issues across the codebase, by making the format call properly. Fixes: CVE-2018-14661 Fixes: bz#1644763 Change-Id: Ib547293f2d9eb618594cbff0df3b9c800e88bde4 Signed-off-by: Amar Tumballi --- xlators/storage/posix/src/posix-common.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'xlators/storage/posix/src/posix-common.c') diff --git a/xlators/storage/posix/src/posix-common.c b/xlators/storage/posix/src/posix-common.c index 03cb532e2c5..3642d475cb5 100644 --- a/xlators/storage/posix/src/posix-common.c +++ b/xlators/storage/posix/src/posix-common.c @@ -112,7 +112,7 @@ posix_priv(xlator_t *this) (void)snprintf(key_prefix, GF_DUMP_MAX_BUF_LEN, "%s.%s", this->type, this->name); - gf_proc_dump_add_section(key_prefix); + gf_proc_dump_add_section("%s", key_prefix); if (!this) return 0; @@ -124,8 +124,8 @@ posix_priv(xlator_t *this) gf_proc_dump_write("base_path", "%s", priv->base_path); gf_proc_dump_write("base_path_length", "%d", priv->base_path_length); - gf_proc_dump_write("max_read", "%d", priv->read_value); - gf_proc_dump_write("max_write", "%d", priv->write_value); + gf_proc_dump_write("max_read", "%" PRId64, priv->read_value); + gf_proc_dump_write("max_write", "%" PRId64, priv->write_value); gf_proc_dump_write("nr_files", "%ld", priv->nr_files); return 0; -- cgit