The node_desc.description buffer is received from the network and may
not be NUL-terminated. In such cases, using it as a regular string in
functions like strcmp() or printf() leads to segmentation faults.
This patch fixes such usages.

Signed-off-by: Sasha Khapyorsky <[EMAIL PROTECTED]>
---
 diags/src/saquery.c |   22 ++++++++++++++++------
 1 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/diags/src/saquery.c b/diags/src/saquery.c
index 5b4a85e..f5b23fd 100644
--- a/diags/src/saquery.c
+++ b/diags/src/saquery.c
@@ -90,17 +90,21 @@ static void
 print_node_desc(ib_node_record_t *node_record)
 {
        ib_node_info_t *p_ni = &(node_record->node_info);
+       ib_node_desc_t *p_nd = &(node_record->node_desc);
        if (p_ni->node_type == IB_NODE_TYPE_CA)
        {
+               char desc[sizeof(p_nd->description) + 1];
+               memcpy(desc, p_nd->description, sizeof(p_nd->description));
+               desc[sizeof(desc) - 1] = '\0';
                printf("%6d  \"%s\"\n",
-                      cl_ntoh16(node_record->lid),
-                      node_record->node_desc.description);
+                      cl_ntoh16(node_record->lid), desc);
        }
 }
 
 void
 print_node_record(ib_node_record_t *node_record)
 {
+       char desc[sizeof(node_record->node_desc.description) + 1];
        ib_node_info_t *p_ni = NULL;
        p_ni = &(node_record->node_info);
         
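Review bot: The copy-and-terminate sequence for `desc` is written out twice, in print_node_desc() here and again in print_node_record() in the next hunk, so the buffer bound and the terminator index have to be kept correct in two places. A small file-local helper, for example a suggested `static void copy_node_desc(char *dst, const ib_node_desc_t *p_nd)`, would hold the `memcpy` and the `'\0'` store once. Because the description bytes come from the network and are printed with `%s`, that helper would also be the natural place to replace non-printable bytes before they reach the terminal. A comment such as `/* description is a fixed-size field from the wire and may lack a terminating NUL */` above the copy would record why the local buffer exists. print_node_record()'s body continues outside this hunk.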
@@ -117,6 +121,10 @@ print_node_record(ib_node_record_t *node
                break;
         }
 
+       memcpy(desc, node_record->node_desc.description,
+              sizeof(node_record->node_desc.description));
+       desc[sizeof(desc) - 1] = '\0';
+
        printf("NodeRecord dump:\n"
               "\t\tlid.....................0x%X\n"
               "\t\treserved................0x%X\n"
@@ -148,7 +156,7 @@ print_node_record(ib_node_record_t *node
               cl_ntoh32( p_ni->revision ),
               ib_node_info_get_local_port_num( p_ni ),
               cl_ntoh32( ib_node_info_get_vendor_id( p_ni )),
-              node_record->node_desc.description
+              desc
               );
 }
 
@@ -448,8 +456,9 @@ print_node_records(osm_bind_handle_t bin
                        print_node_desc(node_record);
                } else {
                        if (!requested_name ||
-                           (strcmp(requested_name,
-                                   (char *)node_record->node_desc.description) == 0)) {
+                           (strncmp(requested_name,
+                                    (char *)node_record->node_desc.description,
+                                    sizeof(node_record->node_desc.description)) == 0)) {
                                print_node_record(node_record);
                                if (node_print_desc == UNIQUE_LID_ONLY) {
                                        return_mad();
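Review bot: The bounded `strncmp()` stops after `sizeof(node_record->node_desc.description)` bytes, so a `requested_name` longer than the field whose leading bytes equal a full-length, unterminated description now compares as equal. The read is safe, but the match has turned into a prefix match for over-long names. Adding a length guard in front of the comparison restores exact matching: `strlen(requested_name) <= sizeof(node_record->node_desc.description) &&`. The same applies to the `strncmp(name, ...)` call in get_lid_from_name() in the following hunk, where a false match would return the wrong LID. Both functions start and end outside their hunks.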
@@ -481,7 +490,8 @@ get_lid_from_name(osm_bind_handle_t bind
        for (i = 0; i < result.result_cnt; i++) {
                node_record = osmv_get_query_node_rec(result.p_result_madw, i);
                p_ni = &(node_record->node_info);
-               if (name && strcmp(name, node_record->node_desc.description) == 0) {
+               if (name && strncmp(name, (char *)node_record->node_desc.description,
+                                   sizeof(node_record->node_desc.description)) == 0) {
                        *lid = cl_ntoh16(node_record->lid);
                        break;
                }
-- 
1.4.3.2.g4bf7

