|
|
11e6a64 |
From 2de8bebe132e3b998bf4848d0bd22b50367ad4b8 Mon Sep 17 00:00:00 2001
|
|
|
11e6a64 |
From: Lee Duncan <lduncan@suse.com>
|
|
|
11e6a64 |
Date: Sat, 16 Feb 2019 10:29:19 -0800
|
|
|
11e6a64 |
Subject: [PATCH] Fix gcc7 string truncation warnings.
|
|
|
11e6a64 |
MIME-Version: 1.0
|
|
|
11e6a64 |
Content-Type: text/plain; charset=UTF-8
|
|
|
11e6a64 |
Content-Transfer-Encoding: 8bit
|
|
|
11e6a64 |
|
|
|
11e6a64 |
Mostly, this is fixed by checking the legnth
|
|
|
11e6a64 |
of strings to be copied, making sure they will
|
|
|
11e6a64 |
fit where they are being copied to, and
|
|
|
11e6a64 |
erroring out if the copy will not fit. Then
|
|
|
11e6a64 |
we can just use strcpy(). We also use
|
|
|
11e6a64 |
scsi_sprintf() for copying to SCSI structures,
|
|
|
11e6a64 |
with their special requirements.
|
|
|
11e6a64 |
|
|
|
11e6a64 |
Signed-off-by: Petr Písař <ppisar@redhat.com>
|
|
|
11e6a64 |
---
|
|
|
11e6a64 |
usr/mgmt.c | 9 +++++++--
|
|
|
11e6a64 |
usr/smc.c | 9 +++++++--
|
|
|
11e6a64 |
usr/spc.c | 9 ++++++---
|
|
|
11e6a64 |
usr/tgtadm.c | 6 +++++-
|
|
|
11e6a64 |
4 files changed, 25 insertions(+), 8 deletions(-)
|
|
|
11e6a64 |
|
|
|
11e6a64 |
diff --git a/usr/mgmt.c b/usr/mgmt.c
|
|
|
11e6a64 |
index de23f14..00a4e08 100644
|
|
|
11e6a64 |
--- a/usr/mgmt.c
|
|
|
11e6a64 |
+++ b/usr/mgmt.c
|
|
|
11e6a64 |
@@ -797,11 +797,16 @@ int ipc_init(void)
|
|
|
11e6a64 |
goto close_lock_fd;
|
|
|
11e6a64 |
}
|
|
|
11e6a64 |
|
|
|
11e6a64 |
- snprintf(mgmt_path, sizeof(mgmt_path), "%s.%d", path, control_port);
|
|
|
11e6a64 |
+ snprintf(mgmt_path, sizeof(mgmt_path) - 1, "%s.%d", path, control_port);
|
|
|
11e6a64 |
+ if (strlen(mgmt_path) > (sizeof(addr.sun_path) - 1)) {
|
|
|
11e6a64 |
+ eprintf("managment path too long: %s\n", mgmt_path);
|
|
|
11e6a64 |
+ goto close_ipc_fd;
|
|
|
11e6a64 |
+ }
|
|
|
11e6a64 |
unlink(mgmt_path);
|
|
|
11e6a64 |
memset(&addr, 0, sizeof(addr));
|
|
|
11e6a64 |
addr.sun_family = AF_LOCAL;
|
|
|
11e6a64 |
- strncpy(addr.sun_path, mgmt_path, sizeof(addr.sun_path));
|
|
|
11e6a64 |
+ /* no need for strncpy because we already checked length */
|
|
|
11e6a64 |
+ strcpy(addr.sun_path, mgmt_path);
|
|
|
11e6a64 |
|
|
|
11e6a64 |
err = bind(fd, (struct sockaddr *) &addr, sizeof(addr));
|
|
|
11e6a64 |
if (err) {
|
|
|
11e6a64 |
diff --git a/usr/smc.c b/usr/smc.c
|
|
|
11e6a64 |
index b80aba2..bbc7b7f 100644
|
|
|
11e6a64 |
--- a/usr/smc.c
|
|
|
11e6a64 |
+++ b/usr/smc.c
|
|
|
11e6a64 |
@@ -732,8 +732,13 @@ static tgtadm_err config_slot(struct scsi_lu *lu, struct tmp_param *tmp)
|
|
|
11e6a64 |
adm_err = TGTADM_SUCCESS;
|
|
|
11e6a64 |
break;
|
|
|
11e6a64 |
}
|
|
|
11e6a64 |
- strncpy(s->barcode, tmp->barcode, sizeof(s->barcode));
|
|
|
11e6a64 |
- strncpy(s->volume_tag, tmp->volume_tag, sizeof(s->volume_tag));
|
|
|
11e6a64 |
+ if (strlen(tmp->barcode) > sizeof(s->barcode) ||
|
|
|
11e6a64 |
+ strlen(tmp->volume_tag) > sizeof(s->volume_tag)) {
|
|
|
11e6a64 |
+ eprintf("barcode or volume tag too large?");
|
|
|
11e6a64 |
+ break;
|
|
|
11e6a64 |
+ }
|
|
|
11e6a64 |
+ strcpy(s->barcode, tmp->barcode);
|
|
|
11e6a64 |
+ strcpy(s->volume_tag, tmp->volume_tag);
|
|
|
11e6a64 |
set_slot_full(s, 0, NULL);
|
|
|
11e6a64 |
adm_err = TGTADM_SUCCESS;
|
|
|
11e6a64 |
break;
|
|
|
11e6a64 |
diff --git a/usr/spc.c b/usr/spc.c
|
|
|
11e6a64 |
index 82a6ec9..902d5bf 100644
|
|
|
11e6a64 |
--- a/usr/spc.c
|
|
|
11e6a64 |
+++ b/usr/spc.c
|
|
|
11e6a64 |
@@ -289,9 +289,12 @@ int spc_inquiry(int host_no, struct scsi_cmd *cmd)
|
|
|
11e6a64 |
data[7] = 0x02;
|
|
|
11e6a64 |
|
|
|
11e6a64 |
memset(data + 8, 0x20, 28);
|
|
|
11e6a64 |
- strncpy((char *)data + 8, attrs->vendor_id, VENDOR_ID_LEN);
|
|
|
11e6a64 |
- strncpy((char *)data + 16, attrs->product_id, PRODUCT_ID_LEN);
|
|
|
11e6a64 |
- strncpy((char *)data + 32, attrs->product_rev, PRODUCT_REV_LEN);
|
|
|
11e6a64 |
+ scsi_sprintf((char *)data + 8, VENDOR_ID_LEN, "%-*s",
|
|
|
11e6a64 |
+ VENDOR_ID_LEN, attrs->vendor_id);
|
|
|
11e6a64 |
+ scsi_sprintf((char *)data + 16, PRODUCT_ID_LEN, "%-*s",
|
|
|
11e6a64 |
+ PRODUCT_ID_LEN, attrs->product_id);
|
|
|
11e6a64 |
+ scsi_sprintf((char *)data + 32, PRODUCT_REV_LEN, "%-*s",
|
|
|
11e6a64 |
+ PRODUCT_REV_LEN, attrs->product_rev);
|
|
|
11e6a64 |
|
|
|
11e6a64 |
desc = (uint16_t *)(data + 58);
|
|
|
11e6a64 |
for (i = 0; i < ARRAY_SIZE(attrs->version_desc); i++)
|
|
|
11e6a64 |
diff --git a/usr/tgtadm.c b/usr/tgtadm.c
|
|
|
11e6a64 |
index 5572c38..cb3eb1c 100644
|
|
|
11e6a64 |
--- a/usr/tgtadm.c
|
|
|
11e6a64 |
+++ b/usr/tgtadm.c
|
|
|
11e6a64 |
@@ -224,7 +224,11 @@ static int ipc_mgmt_connect(int *fd)
|
|
|
11e6a64 |
snprintf(mgmt_path, sizeof(mgmt_path), "%s.%d",
|
|
|
11e6a64 |
path, control_port);
|
|
|
11e6a64 |
|
|
|
11e6a64 |
- strncpy(addr.sun_path, mgmt_path, sizeof(addr.sun_path));
|
|
|
11e6a64 |
+ if (strlen(mgmt_path) > (sizeof(addr.sun_path) - 1)) {
|
|
|
11e6a64 |
+ eprintf("management path too long: %s\n", mgmt_path);
|
|
|
11e6a64 |
+ return EINVAL;
|
|
|
11e6a64 |
+ }
|
|
|
11e6a64 |
+ strcpy(addr.sun_path, mgmt_path);
|
|
|
11e6a64 |
|
|
|
11e6a64 |
err = connect(*fd, (struct sockaddr *) &addr, sizeof(addr));
|
|
|
11e6a64 |
if (err < 0)
|
|
|
11e6a64 |
--
|
|
|
11e6a64 |
2.20.1
|
|
|
11e6a64 |
|