[#LU-1855] Coverity: Fix 'out-of-bounds access' errors

Tracking bug for static code analysis fixes. (LU-2753) [LU-1855] Coverity: Fix 'out-of-bounds access' errors Created: 07/Sep/12 Updated: 30/Aug/23 Resolved: 04/Oct/12
Status:	Resolved
Project:	Lustre
Component/s:	None
Affects Version/s:	Lustre 2.4.0, Lustre 2.1.3
Fix Version/s:	Lustre 2.4.0

Type:

Technical task

Priority:

Major

Reporter:

Sebastien Buisson (Inactive)

Assignee:

Minh Diep

Resolution:

Fixed

Votes:

Labels:

build, coverity

Issue Links:

Related
is related to	LU-17000	Coverity static analysis issues	Open

Rank (Obsolete):

4410

Description

Thanks to the Coverity tool, we found some memory corruptions in the Lustre code, and more specifically cases of out-of-bounds access in functions sec_flags2str() and sptlrpc_secflags2str().
These functions take as arguments a buffer (2nd) and its size (3rd), that will be used by strncat(). Given that strncat() always adds a trailing '\0', the size passed to it must be 'bufsize-1'.

I will propose a patch to address this problem.

Sebastien.

Comments

Comment by Sebastien Buisson (Inactive) [ 07/Sep/12 ]

The patch is available here:
http://review.whamcloud.com/3902

Could you please review it?

Comment by Peter Jones [ 07/Sep/12 ]

Thanks for the patch Sebastien. Minh can you please take care of landing this patch?

Comment by Minh Diep [ 10/Sep/12 ]

sure

Comment by Minh Diep [ 04/Oct/12 ]

landed on master

Generated at Sat Feb 10 01:20:16 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.

[LU-1855] Coverity: Fix 'out-of-bounds access' errors Created: 07/Sep/12 Updated: 30/Aug/23 Resolved: 04/Oct/12