[devel] [PATCH 1 of 1] clm: Ensure SaNameT strings are NUL-terminated [#1056]

Thu, 11 Sep 2014 03:59:15 -0700 

 osaf/libs/agents/saf/clma/clma_api.c   |  3 +++
 osaf/libs/common/clmsv/clmsv_enc_dec.c |  2 ++
 2 files changed, 5 insertions(+), 0 deletions(-)


CLM uses the SaNameT structure for output parameters (in various data
structures), but it did not guarantee that the string inside the SaNameT
structure was NUL-terminated. This meant that these SaNameT structures could not
safely be read using the saAisNameBorrow() function.

Code has been added to the clm agent to ensure proper NUL termination in SaNameT
structures.

diff --git a/osaf/libs/agents/saf/clma/clma_api.c 
b/osaf/libs/agents/saf/clma/clma_api.c
--- a/osaf/libs/agents/saf/clma/clma_api.c
+++ b/osaf/libs/agents/saf/clma/clma_api.c
@@ -85,6 +85,9 @@ void clma_fill_node_from_node4(SaClmClus
        (void)memcpy(clusterNode->nodeAddress.value, 
clusterNode_4.nodeAddress.value, clusterNode->nodeAddress.length);
        clusterNode->nodeName.length = clusterNode_4.nodeName.length;
        (void)memcpy(clusterNode->nodeName.value, clusterNode_4.nodeName.value, 
clusterNode->nodeName.length);
+       clusterNode->nodeName.value[clusterNode->nodeName.length <
+               SA_MAX_NAME_LENGTH ? clusterNode->nodeName.length :
+                       SA_MAX_NAME_LENGTH - 1] = '\0';
        clusterNode->member = clusterNode_4.member;
        clusterNode->bootTimestamp = clusterNode_4.bootTimestamp;
        clusterNode->initialViewNumber = clusterNode_4.initialViewNumber;
diff --git a/osaf/libs/common/clmsv/clmsv_enc_dec.c 
b/osaf/libs/common/clmsv/clmsv_enc_dec.c
--- a/osaf/libs/common/clmsv/clmsv_enc_dec.c
+++ b/osaf/libs/common/clmsv/clmsv_enc_dec.c
@@ -34,6 +34,8 @@ uint32_t clmsv_decodeSaNameT(NCS_UBAID *
        ncs_dec_skip_space(uba, 2);
        total_bytes += 2;
        ncs_decode_n_octets_from_uba(uba, name->value, (uint32_t)name->length);
+       name->value[name->length < SA_MAX_NAME_LENGTH ? name->length :
+               SA_MAX_NAME_LENGTH - 1] = '\0';
        total_bytes += name->length;
        return total_bytes;
 }

------------------------------------------------------------------------------
Want excitement?
Manually upgrade your production database.
When you want reliability, choose Perforce
Perforce version control. Predictably reliable.
http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________
Opensaf-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opensaf-devel

Reply via email to