[pve-devel] applied: [PATCH] fix read after string end
Thomas Lamprecht
t.lamprecht at proxmox.com
Tue Jun 18 16:06:33 CEST 2019
On 6/18/19 2:24 PM, Dominik Csapak wrote:
> outs is not a zero-terminated string but has its length given by
> outslen, so use that (with a maximum of the size of msg)
>
> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> ---
> RADOS.xs | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/RADOS.xs b/RADOS.xs
> index f3f5516..7eca024 100644
> --- a/RADOS.xs
> +++ b/RADOS.xs
> @@ -131,8 +131,14 @@ CODE:
>
> if (ret < 0) {
> char msg[4096];
> - snprintf(msg, sizeof(msg), "mon_command failed - %s\n", outs);
> + if (outslen > sizeof(msg)) {
> + outslen = sizeof(msg);
> + }
while above could be really omitted without negative implications it
does not hurts either, so -> applied, thanks!
> + snprintf(msg, sizeof(msg), "mon_command failed - %.*s\n", (int)outslen, outs);
> rados_buffer_free(outs);
> + if (outbuf != NULL) {
> + rados_buffer_free(outbuf);
> + }
> die(msg);
> }
>
>
More information about the pve-devel
mailing list