Re: [PATCH 2/9] xfsdump: Fix overflow of "question" string in Media

Re: [PATCH 2/9] xfsdump: Fix overflow of "question" string in Media_prom

To:	Eric Sandeen <sandeen@xxxxxxxxxx>
Subject:	Re: [PATCH 2/9] xfsdump: Fix overflow of "question" string in Media_prompt_erase()
From:	Christoph Hellwig <hch@xxxxxxxxxxxxx>
Date:	Wed, 12 Nov 2014 10:58:45 -0800
Cc:	xfs@xxxxxxxxxxx
Delivered-to:	xfs@xxxxxxxxxxx
In-reply-to:	<1415818638-32700-3-git-send-email-sandeen@xxxxxxxxxx>
References:	<1415818638-32700-1-git-send-email-sandeen@xxxxxxxxxx> <1415818638-32700-3-git-send-email-sandeen@xxxxxxxxxx>
User-agent:	Mutt/1.5.23 (2014-03-12)

On Wed, Nov 12, 2014 at 12:57:11PM -0600, Eric Sandeen wrote:
> The string we were sprintf'ing is trivially longer than the array
> we allocated for it.
> 
> Allocate something big enough, and snprintf to avoid overflow

How about switching it to asprintf() to get rid of that dangerous static
buffer entirely?

<Prev in Thread]	Current Thread	[Next in Thread>
[PATCH 0/9] Random xfsdump fixes, Eric Sandeen [PATCH 3/9] xfsdump: fix wrong test for hard stack limit change failure, Eric Sandeen [PATCH 2/9] xfsdump: Fix overflow of "question" string in Media_prompt_erase(), Eric Sandeen Re: [PATCH 2/9] xfsdump: Fix overflow of "question" string in Media_prompt_erase(), Christoph Hellwig <= [PATCH 2/9 V2] xfsdump: Fix overflow of "question" string in Media_prompt_erase(), Eric Sandeen Re: [PATCH 2/9 V2] xfsdump: Fix overflow of "question" string in Media_prompt_erase(), Christoph Hellwig Re: [PATCH 2/9 V2] xfsdump: Fix overflow of "question" string in Media_prompt_erase(), Eric Sandeen [PATCH 6/9] xfsdump: free suboptstrs if mlog_init1 fails, Eric Sandeen [PATCH 5/9] xfsdump: remove some unreachable code, Eric Sandeen [PATCH 4/9] xfsdump: remove pointless if (dirty);, Eric Sandeen Re: [PATCH 4/9] xfsdump: remove pointless if (dirty);, Mark Tinguely Re: [PATCH 4/9] xfsdump: remove pointless if (dirty);, Eric Sandeen Re: [PATCH 4/9] xfsdump: remove pointless if (dirty);, Mark Tinguely [PATCH 9/9] xfsdump: fix uninit ackstr in content_mediachange_query(), Eric Sandeen

Previous by Date:	[PATCH 8/9] xfsdump: children[] is an array of child pointers, not of child structures, Eric Sandeen
Next by Date:	[PATCH 2/9 V2] xfsdump: Fix overflow of "question" string in Media_prompt_erase(), Eric Sandeen
Previous by Thread:	[PATCH 2/9] xfsdump: Fix overflow of "question" string in Media_prompt_erase(), Eric Sandeen
Next by Thread:	[PATCH 2/9 V2] xfsdump: Fix overflow of "question" string in Media_prompt_erase(), Eric Sandeen
Indexes:	[Date] [Thread] [Top] [All Lists]