[LU-1855] Coverity: Fix 'out-of-bounds access' errors - Whamcloud Community JIRA

Details

Type: Technical task
Resolution: Fixed
Priority: Major
Fix Version/s: Lustre 2.4.0
Affects Version/s: Lustre 2.4.0, Lustre 2.1.3
Labels:
- build
- coverity

Rank (Obsolete):
4410

Description

Thanks to the Coverity tool, we found some memory corruptions in the Lustre code, and more specifically cases of out-of-bounds access in functions sec_flags2str() and sptlrpc_secflags2str().
These functions take as arguments a buffer (2nd) and its size (3rd), that will be used by strncat(). Given that strncat() always adds a trailing '\0', the size passed to it must be 'bufsize-1'.

I will propose a patch to address this problem.

Sebastien.

Attachments

Issue Links

is related to

LU-17000 Coverity static analysis issues

Open

Activity

[LU-1855] Coverity: Fix 'out-of-bounds access' errors

Minh Diep added a comment - 04/Oct/12 11:04 AM

landed on master

Minh Diep added a comment - 04/Oct/12 11:04 AM landed on master

Minh Diep added a comment - 10/Sep/12 11:25 PM

sure

Minh Diep added a comment - 10/Sep/12 11:25 PM sure

Peter Jones added a comment - 07/Sep/12 4:49 PM

Thanks for the patch Sebastien. Minh can you please take care of landing this patch?

Peter Jones added a comment - 07/Sep/12 4:49 PM Thanks for the patch Sebastien. Minh can you please take care of landing this patch?

Sebastien Buisson (Inactive) added a comment - 07/Sep/12 5:08 AM

The patch is available here:
http://review.whamcloud.com/3902

Could you please review it?

Sebastien Buisson (Inactive) added a comment - 07/Sep/12 5:08 AM The patch is available here: http://review.whamcloud.com/3902 Could you please review it?

People

Assignee:: Minh Diep

Reporter:: Sebastien Buisson (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 07/Sep/12 4:46 AM

Updated:: 30/Aug/23 9:27 PM

Resolved:: 04/Oct/12 11:04 AM