Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-17718

Coverity: 424705 (String overflow) under upcall_cache.c

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Minor
    • Lustre 2.16.0
    • Lustre 2.16.0
    • 3
    • 9223372036854775807

    Description

      CID 424705: Security best practices violations (STRING_OVERFLOW)
      /lustre/obdclass/upcall_cache.c: 187 in upcall_cache_set_upcall()

      181     invalid:
182         OBD_FREE(upcall, count + 1);
183         return -EINVAL;
184     
185     valid:
186         down_write(&cache->uc_upcall_rwsem);
  CID 424705:  Security best practices violations  (STRING_OVERFLOW)
  You might overrun the 1024-character fixed-size string "cache->uc_upcall" by copying "upcall" without checking the length.
187         strcpy(cache->uc_upcall, upcall);
188         up_write(&cache->uc_upcall_rwsem);
189     
190         OBD_FREE(upcall, count + 1);
191         return 0;
192     }

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. LU-17724 sanity-sec test_69: crash the setting sptlrpc.gss.rsi_upcall=prog

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              sebastien Sebastien Buisson
              sebastien Sebastien Buisson
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: