diff options
author | Darrick J. Wong <darrick.wong@oracle.com> | 2018-04-12 10:34:08 -0500 |
---|---|---|
committer | Eric Sandeen <sandeen@redhat.com> | 2018-04-12 10:34:08 -0500 |
commit | 99ea301818779ff663599d00610d6cee6a57738c (patch) | |
tree | 6074edabe0f69faa87379e76a9a8b87e6f1f093f | |
parent | a8502cc4b7e7a9ae829df1446887d98f87a441a8 (diff) | |
download | xfsprogs-dev-99ea301818779ff663599d00610d6cee6a57738c.tar.gz |
xfs_scrub: avoid buffer overflow when scanning attributes
Avoid a buffer overflow when we're formatting extended attribute names
for name checking. The kernel headers provide us with XATTR_NAME_MAX,
so we can rely on that.
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Eric Sandeen <sandeen@sandeen.net>
-rw-r--r-- | scrub/phase5.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/scrub/phase5.c b/scrub/phase5.c index 5f2a1a7cd0..e0e7e8c710 100644 --- a/scrub/phase5.c +++ b/scrub/phase5.c @@ -158,7 +158,7 @@ xfs_scrub_scan_fhandle_namespace_xattrs( { struct attrlist_cursor cur; char attrbuf[XFS_XATTR_LIST_MAX]; - char keybuf[NAME_MAX + 1]; + char keybuf[XATTR_NAME_MAX + 1]; struct attrlist *attrlist = (struct attrlist *)attrbuf; struct attrlist_ent *ent; struct unicrash *uc; @@ -172,14 +172,14 @@ xfs_scrub_scan_fhandle_namespace_xattrs( memset(attrbuf, 0, XFS_XATTR_LIST_MAX); memset(&cur, 0, sizeof(cur)); - memset(keybuf, 0, NAME_MAX + 1); + memset(keybuf, 0, XATTR_NAME_MAX + 1); error = attr_list_by_handle(handle, sizeof(*handle), attrbuf, XFS_XATTR_LIST_MAX, attr_ns->flags, &cur); while (!error) { /* Examine the xattrs. */ for (i = 0; i < attrlist->al_count; i++) { ent = ATTR_ENTRY(attrlist, i); - snprintf(keybuf, NAME_MAX, "%s.%s", attr_ns->name, + snprintf(keybuf, XATTR_NAME_MAX, "%s.%s", attr_ns->name, ent->a_name); moveon = xfs_scrub_check_name(ctx, descr, _("extended attribute"), keybuf); |