xfs
[Top] [All Lists]

Re: [PATCH] xfstests: fix buffer overflow in lstat64.c

To: Christoph Hellwig <hch@xxxxxxxxxxxxx>
Subject: Re: [PATCH] xfstests: fix buffer overflow in lstat64.c
From: Eric Sandeen <sandeen@xxxxxxxxxxx>
Date: Wed, 12 Nov 2008 07:34:32 -0600
Cc: xfs mailing list <xfs@xxxxxxxxxxx>
In-reply-to: <20081112095702.GA2496@xxxxxxxxxxxxx>
References: <490F7A7F.9010102@xxxxxxxxxxx> <20081112095702.GA2496@xxxxxxxxxxxxx>
User-agent: Thunderbird 2.0.0.17 (Macintosh/20080914)
Christoph Hellwig wrote:
> On Mon, Nov 03, 2008 at 04:26:07PM -0600, Eric Sandeen wrote:
>> lstat64.c was putting an 11-byte string into a 10-byte buffer.
> 
> What about somthing like this instead?

That's too easy! :)

Sure, that makes good sense.

-Eric

> 
> Index: xfs-cmds/xfstests/src/lstat64.c
> ===================================================================
> --- xfs-cmds.orig/xfstests/src/lstat64.c      2008-11-12 10:55:16.000000000 
> +0100
> +++ xfs-cmds/xfstests/src/lstat64.c   2008-11-12 10:55:50.000000000 +0100
> @@ -57,7 +57,6 @@ int
>  main(int argc, char **argv)
>  {
>       struct stat64   sbuf;
> -     char            mode[10];
>       int             i, c;
>       int             terse_flag = 0;
>  
> @@ -78,6 +77,7 @@ main(int argc, char **argv)
>       time(&timebuf);
>  
>       for (i = optind; i < argc; i++) {
> +             char *mode = "----------";
>  
>               if( lstat64(argv[i], &sbuf) < 0) {
>                       perror(argv[i]);
> @@ -92,7 +92,6 @@ main(int argc, char **argv)
>                       printf("  Size: %-10llu", (unsigned long 
> long)sbuf.st_size);
>               }
>  
> -             strcpy(mode,"----------");
>               if (sbuf.st_mode & (S_IEXEC>>6))
>                       mode[9] = 'x';
>               if (sbuf.st_mode & (S_IWRITE>>6))
> 

<Prev in Thread] Current Thread [Next in Thread>