rpms/s390utils
7
0
Fork 0
Code Issues Pull Requests Releases Activity
e46958f573
s390utils/0066-fdasd-buffer-overflow-when-writing-to-read-only-devi.patch
Dan Horák f7e20b2418 updated to recent RHEL-6 package
2011-03-25 14:59:32 +01:00

62 lines
2.1 KiB
Diff
Raw Blame History

From f5a80bd5d3d478354d6044b6d2b9951fd29a8d59 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
Date: Fri, 18 Mar 2011 16:37:54 +0100
Subject: [PATCH 66/66] fdasd: buffer overflow when writing to read-only device
Description: fdasd: buffer overflow when writing to read-only device
Symptom: When fdasd tries to write to a read-only disk, it fails with
a '*** buffer overflow detected ***' error message.
Problem: It is expected that fdasd cannot write to a read-only disk, and
such an operation should end with a proper error message. The
libvtoc code, which writes this message, contains the bug that
causes the buffer overflow.
Solution: Directly print the error message, without formatting it first in
a buffer.
---
libvtoc/vtoc.c | 15 +++++----------
1 files changed, 5 insertions(+), 10 deletions(-)
diff --git a/libvtoc/vtoc.c b/libvtoc/vtoc.c
index 36269a4..ae1de8c 100644
--- a/libvtoc/vtoc.c
+++ b/libvtoc/vtoc.c
@@ -146,30 +146,25 @@ static char buffer[85];
*/
static void vtoc_error(enum failure why, char *s1, char *s2)
{
- char error[LINE_LENGTH];
-
switch (why) {
case unable_to_open:
- sprintf(error, "%s opening device '%s' failed.\n%s\n",
+ fprintf(stderr, "\n%s opening device '%s' failed.\n%s\n",
VTOC_ERROR, s1, s2);
break;
case unable_to_seek:
- sprintf(error, "%s seeking device '%s' failed.\n%s\n",
+ fprintf(stderr, "\n%s seeking device '%s' failed.\n%s\n",
VTOC_ERROR, s1, s2);
break;
case unable_to_write:
- sprintf(error, "%s writing to device '%s' failed,\n%s\n",
+ fprintf(stderr, "\n%s writing to device '%s' failed,\n%s\n",
VTOC_ERROR, s1, s2);
break;
case unable_to_read:
- sprintf(error, "%s reading from device '%s' failed.\n%s\n",
+ fprintf(stderr, "\n%s reading from device '%s' failed.\n%s\n",
VTOC_ERROR, s1, s2);
break;
- default: sprintf(error, "Fatal error\n");
+ default: fprintf(stderr, "\nFatal error\n");
}
-
- fputc('\n', stderr);
- fputs(error, stderr);
exit(1);
}
--
1.7.4
Reference in New Issue View Git Blame Copy Permalink