lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <426367E2313C2449837CD2DE46E7EAF930E5A917@SN2PRD0310MB382.namprd03.prod.outlook.com>
Date:	Mon, 26 Nov 2012 20:43:40 +0000
From:	KY Srinivasan <kys@...rosoft.com>
To:	Tomas Hozza <thozza@...hat.com>, "olaf@...fle.de" <olaf@...fle.de>
CC:	"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"devel@...uxdriverproject.org" <devel@...uxdriverproject.org>,
	"apw@...onical.com" <apw@...onical.com>,
	"jasowang@...hat.com" <jasowang@...hat.com>
Subject: RE: [PATCH] Tools: hv: Fix for long file names from readdir



> -----Original Message-----
> From: Tomas Hozza [mailto:thozza@...hat.com]
> Sent: Friday, November 09, 2012 7:47 AM
> To: olaf@...fle.de; KY Srinivasan
> Cc: gregkh@...uxfoundation.org; linux-kernel@...r.kernel.org;
> devel@...uxdriverproject.org; apw@...onical.com; jasowang@...hat.com;
> Tomas Hozza
> Subject: [PATCH] Tools: hv: Fix for long file names from readdir
> 
> kvp_get_if_name and kvp_mac_to_if_name copy strings into statically
> sized buffers which could be too small to store really long names.
> 
> Buffer sizes have been changed to PATH_MAX, include "limits.h" where
> PATH_MAX is defined was added and length checks ware added via snprintf.
> 
> Signed-off-by: Tomas Hozza <thozza@...hat.com>
Acked-by:  K. Y. Srinivasan <kys@...rosoft.com>

> ---
>  tools/hv/hv_kvp_daemon.c | 26 +++++++++-----------------
>  1 file changed, 9 insertions(+), 17 deletions(-)
> 
> diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c
> index 13c2a14..54ecb95 100644
> --- a/tools/hv/hv_kvp_daemon.c
> +++ b/tools/hv/hv_kvp_daemon.c
> @@ -44,6 +44,7 @@
>  #include <fcntl.h>
>  #include <dirent.h>
>  #include <net/if.h>
> +#include <limits.h>
> 
>  /*
>   * KVP protocol: The user mode component first registers with the
> @@ -592,26 +593,22 @@ static char *kvp_get_if_name(char *guid)
>  	DIR *dir;
>  	struct dirent *entry;
>  	FILE    *file;
> -	char    *p, *q, *x;
> +	char    *p, *x;
>  	char    *if_name = NULL;
>  	char    buf[256];
>  	char *kvp_net_dir = "/sys/class/net/";
> -	char dev_id[256];
> +	char dev_id[PATH_MAX];
> 
>  	dir = opendir(kvp_net_dir);
>  	if (dir == NULL)
>  		return NULL;
> 
> -	snprintf(dev_id, sizeof(dev_id), "%s", kvp_net_dir);
> -	q = dev_id + strlen(kvp_net_dir);
> -
>  	while ((entry = readdir(dir)) != NULL) {
>  		/*
>  		 * Set the state for the next pass.
>  		 */
> -		*q = '\0';
> -		strcat(dev_id, entry->d_name);
> -		strcat(dev_id, "/device/device_id");
> +		snprintf(dev_id, sizeof(dev_id), "%s%s/device/device_id",
> kvp_net_dir,
> +				entry->d_name);
> 
>  		file = fopen(dev_id, "r");
>  		if (file == NULL)
> @@ -684,28 +681,23 @@ static char *kvp_mac_to_if_name(char *mac)
>  	DIR *dir;
>  	struct dirent *entry;
>  	FILE    *file;
> -	char    *p, *q, *x;
> +	char    *p, *x;
>  	char    *if_name = NULL;
>  	char    buf[256];
>  	char *kvp_net_dir = "/sys/class/net/";
> -	char dev_id[256];
> +	char dev_id[PATH_MAX];
>  	int i;
> 
>  	dir = opendir(kvp_net_dir);
>  	if (dir == NULL)
>  		return NULL;
> 
> -	snprintf(dev_id, sizeof(dev_id), kvp_net_dir);
> -	q = dev_id + strlen(kvp_net_dir);
> -
>  	while ((entry = readdir(dir)) != NULL) {
>  		/*
>  		 * Set the state for the next pass.
>  		 */
> -		*q = '\0';
> -
> -		strcat(dev_id, entry->d_name);
> -		strcat(dev_id, "/address");
> +		snprintf(dev_id, sizeof(dev_id), "%s%s/address", kvp_net_dir,
> +                entry->d_name);
> 
>  		file = fopen(dev_id, "r");
>  		if (file == NULL)
> --
> 1.7.11.7



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ