Hello,

A patch for a potential buffer overflow in sprintf in
clm.c:my_cluster_node_load. See also
https://bugzilla.novell.com/show_bug.cgi?id=475620

Thanks,

Dejan
diff -ru openais/exec/clm.c openais-new//exec/clm.c
--- openais/exec/clm.c	2009-01-25 22:44:55.000000000 +0100
+++ openais-new//exec/clm.c	2009-02-13 17:58:41.000000000 +0100
@@ -277,8 +277,10 @@
 
 	iface_string = totemip_print (&interfaces[0]);
 
-	sprintf ((char *)my_cluster_node.node_address.value, "%s",
-		iface_string);
+	if (strlen(iface_string)+1 > sizeof(my_cluster_node.node_address.value))
+		log_printf (LOG_LEVEL_ERROR,
+		 "iface_string <%s>%d larger than available storage (%d)", iface_string, strlen(iface_string), sizeof(my_cluster_node.node_address.value));
+	snprintf ((char *)my_cluster_node.node_address.value, sizeof(my_cluster_node.node_address.value), "%s", iface_string);
 	my_cluster_node.node_address.length =
 		strlen ((char *)my_cluster_node.node_address.value);
 	if (totempg_my_family_get () == AF_INET) {
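Review bot: The added log_printf call passes `strlen(iface_string)` and `sizeof(my_cluster_node.node_address.value)` to `%d`, but both are `size_t`, so the arguments do not match the format and the behaviour is undefined where `size_t` is wider than `int`. Use `"iface_string <%s>%zu larger than available storage (%zu)"`, or cast both arguments to `(int)` if `%zu` is not available in this logger. Separately, the oversize branch only logs: execution falls through to `snprintf`, so the address is silently truncated and `node_address.length` is then computed from the truncated string. If a truncated node address is not acceptable to peers, this path should fail rather than continue; if it is acceptable, a comment such as `/* address truncated to fit node_address.value; length below reflects the truncated string */` would make that explicit. The enclosing function starts and ends outside the hunk, so its callers and return path are not visible here.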