Bug 1099645
| Summary: | Unchecked strcpy and strcat in gf-history-changelog.c | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Community] GlusterFS | Reporter: | Keith Schincke <kschinck> | ||||
| Component: | core | Assignee: | Niels de Vos <ndevos> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | mainline | CC: | bugs, gluster-bugs | ||||
| Target Milestone: | --- | Keywords: | EasyFix, Patch, Triaged | ||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | All | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | glusterfs-3.7.0 | Doc Type: | Bug Fix | ||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2015-05-14 17:25:48 UTC | Type: | Bug | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Keith Schincke
2014-05-20 20:02:34 UTC
Thanks for the patch, I'll post it for inclusion in mainline. If you are concerned about this and would like the change included in other versions, please clone this bug (see 'clone' in the upper-right-corner of this page). REVIEW: http://review.gluster.org/8977 (changelog: replace MAKE_HTIME_FILE_PATH with snprintf()) posted (#1) for review on master by Niels de Vos (ndevos) COMMIT: http://review.gluster.org/8977 committed in master by Venky Shankar (vshankar) ------ commit 4d3c6d93d1c75696987f262cf5a304b3038bc585 Author: Niels de Vos <ndevos> Date: Mon Oct 27 10:28:55 2014 +0100 changelog: replace MAKE_HTIME_FILE_PATH with snprintf() The used once MAKE_HTIME_FILE_PATH macro uses strcpy and strcat into a fixed buffer without checking the input lengths. Recommend replacing with a snprintf. Change-Id: Ia0245096774dc84be1b937e1d5750f3634fff034 BUG: 1099645 Reported-by: Keith Schincke <kschinck> Signed-off-by: Niels de Vos <ndevos> Reviewed-on: http://review.gluster.org/8977 Tested-by: Gluster Build System <jenkins.com> Reviewed-by: Venky Shankar <vshankar> Tested-by: Venky Shankar <vshankar> This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.7.0, please open a new bug report. glusterfs-3.7.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution. [1] http://thread.gmane.org/gmane.comp.file-systems.gluster.devel/10939 [2] http://thread.gmane.org/gmane.comp.file-systems.gluster.user This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.7.0, please open a new bug report. glusterfs-3.7.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution. [1] http://thread.gmane.org/gmane.comp.file-systems.gluster.devel/10939 [2] http://thread.gmane.org/gmane.comp.file-systems.gluster.user This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.7.0, please open a new bug report. glusterfs-3.7.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution. [1] http://thread.gmane.org/gmane.comp.file-systems.gluster.devel/10939 [2] http://thread.gmane.org/gmane.comp.file-systems.gluster.user This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.7.0, please open a new bug report. glusterfs-3.7.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution. [1] http://thread.gmane.org/gmane.comp.file-systems.gluster.devel/10939 [2] http://thread.gmane.org/gmane.comp.file-systems.gluster.user |