| To: | Eric Sandeen <sandeen@xxxxxxxxxxx> |
|---|---|
| Subject: | Re: [PATCH 07/11] xfsprogs: xfs_fsr: replace sprintf with snprintf to avoid buffer overflow |
| From: | Dave Chinner <david@xxxxxxxxxxxxx> |
| Date: | Thu, 3 Dec 2015 17:07:01 +1100 |
| Cc: | xfs@xxxxxxxxxxx |
| Delivered-to: | xfs@xxxxxxxxxxx |
| In-reply-to: | <565FD6A2.9040406@xxxxxxxxxxx> |
| References: | <1449055167-19936-1-git-send-email-t.vivek@xxxxxxxxxxx> <1449055167-19936-8-git-send-email-t.vivek@xxxxxxxxxxx> <565FD6A2.9040406@xxxxxxxxxxx> |
| User-agent: | Mutt/1.5.21 (2010-09-15) |
On Wed, Dec 02, 2015 at 11:44:02PM -0600, Eric Sandeen wrote: > > it seems like the sprintfs in i.e. fsrall_cleanup() and tmp_init() > might have the same problem, no? > > And then what happens if it is truncated to SMBUFSZ; at that point > I think this needs error handling, if the string got truncated. Might be easier to simply increase the size of SMBUFSZ so that overrun is not possible? -Dave -- Dave Chinner david@xxxxxxxxxxxxx |
| Previous by Date: | Re: [PATCH 05/11] xfsprogs: xfs_mdrestore: check bad read count in perform_restore, Eric Sandeen |
|---|---|
| Next by Date: | Re: [PATCH 08/11] xfsprogs: xfs_repair: fix possible null dereference in build_ino_tree, Dave Chinner |
| Previous by Thread: | Re: [PATCH 07/11] xfsprogs: xfs_fsr: replace sprintf with snprintf to avoid buffer overflow, Eric Sandeen |
| Next by Thread: | [PATCH 05/11] xfsprogs: xfs_mdrestore: check bad read count in perform_restore, Vivek Trivedi |
| Indexes: | [Date] [Thread] [Top] [All Lists] |