Bug 11880
| Summary: | Typo in tape.c potential hazard... | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | SB <satan> |
| Component: | dump | Assignee: | Nalin Dahyabhai <nalin> |
| Status: | CLOSED RAWHIDE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6.2 | Keywords: | Security |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2000-06-03 22:30:09 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
You are absolutely right. Thanks for the bug report. Could you in the future send a copy of this kind of bug reports directly to the dump maintainer. It would be easier for me to get the patches... I know, it's the job of RedHat's guys but... Stelian. fixed in rawhide. |
Here's the descrepency I noticed: /usr/include/stdio.h: line 77: # define BUFSIZ _IO_BUFSIZ /usr/include/libio.h: line 43: #define _IO_BUFSIZ _G_BUFSIZ /usr/include/_G_config.h: line 85: #define _G_BUFSIZ 8192 /usr/src/redhat/BUILD/dump-0.4b15/compat/include/protocols/dumprestore.h: line 53: #define TP_BSIZE 1024 /usr/src/redhat/BUILD/dump-0.4b15/restore/restore.h: line 74: extern FILE *terminal; /usr/src/redhat/BUILD/dump-0.4b15/restore/tape.c: line 311: char buf[TP_BSIZE]; line 357: (void) fgets(buf, BUFSIZ, terminal); Now isn't putting potentially 8192 bytes of data in a 1024 byte variable a bit much? Anyway, either change line 311 in tape.c to: char buf[BUFSIZ]; or change line 357 of tape.c to: (void) fgets(buf, TP_BSIZE, terminal); I expect either one should do the job. -Stan Bubrouski