[#LU-4848] mdd_migrate_entries() uses snprintf() incorrectly

[LU-4848] mdd_migrate_entries() uses snprintf() incorrectly Created: 01/Apr/14 Updated: 09/Jan/20 Resolved: 09/Jan/20
Status:	Resolved
Project:	Lustre
Component/s:	None
Affects Version/s:	Lustre 2.6.0
Fix Version/s:	None

Type:

Bug

Priority:

Minor

Reporter:

John Hammond

Assignee:

WC Triage

Resolution:

Done

Votes:

Labels:

mdd

Severity:

Rank (Obsolete):

13359

Description

In mdd_migrate_entries(), lde_namelen + 1 is passed as the buffer size argument.

char *name = mdd_env_info(env)->mti_key;
...
snprintf(name, ent->lde_namelen + 1, "%s", ent->lde_name);

This is not the buffer size and in fact comes from disk. This should be:

char *name = mdd_env_info(env)->mti_key;
size_t name_size = sizeof(mdd_env_info(env)->mti_key);
...
snprintf(name, name_size, "%.*s", (int)ent->lde_namelen + 1, ent->lde_name);

Also recsize and lde_namelen should be validated against the allocated size of ent and (NAME_MAX). Currently recsize is set but unused.

Comments

Comment by Andreas Dilger [ 09/Jan/20 ]

This code no longer exists.

Generated at Sat Feb 10 01:46:22 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.

[LU-4848] mdd_migrate_entries() uses snprintf() incorrectly Created: 01/Apr/14 Updated: 09/Jan/20 Resolved: 09/Jan/20