diff options
| author | Nigel Croxon <ncroxon@redhat.com> | 2024-07-18 19:05:57 +0200 |
|---|---|---|
| committer | Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> | 2024-08-13 13:50:55 +0200 |
| commit | 18eaf6c5206a37ad059c930d1ee2dbc9b7297513 (patch) | |
| tree | e125fa516ddc40a26f081a2350587bf30365b4a5 /sysfs.c | |
| parent | mdadm: util.c fix coverity issues (diff) | |
| download | mdadm-18eaf6c5206a37ad059c930d1ee2dbc9b7297513.tar.xz mdadm-18eaf6c5206a37ad059c930d1ee2dbc9b7297513.zip | |
mdadm: sysfs.c fix coverity issues
Fixing the following coding errors the coverity tools found:
* Event fixed_size_dest: You might overrun the 32-character
fixed-size string "mdi->sys_name" by copying "devnm" without
checking the length
* Event fixed_size_dest: You might overrun the 50-character
fixed-size string "sra->text_version" by copying "buf + 9"
without checking the length.
* Event string_overflow: You might overrun the 32-character
destination string "dev->sys_name" by writing 256 characters
from "de->d_name".
Signed-off-by: Nigel Croxon <ncroxon@redhat.com>
Diffstat (limited to 'sysfs.c')
| -rw-r--r-- | sysfs.c | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -139,7 +139,7 @@ int sysfs_init(struct mdinfo *mdi, int fd, char *devnm) goto out; if (!S_ISDIR(stb.st_mode)) goto out; - strcpy(mdi->sys_name, devnm); + strncpy(mdi->sys_name, devnm, sizeof(mdi->sys_name) - 1); retval = 0; out: @@ -179,6 +179,7 @@ struct mdinfo *sysfs_read(int fd, char *devnm, unsigned long options) sra->array.major_version = -1; sra->array.minor_version = -2; strcpy(sra->text_version, buf+9); + sra->text_version[sizeof(sra->text_version) - 1] = '\0'; } else { sscanf(buf, "%d.%d", &sra->array.major_version, @@ -340,6 +341,7 @@ struct mdinfo *sysfs_read(int fd, char *devnm, unsigned long options) } strcpy(dev->sys_name, de->d_name); + dev->sys_name[sizeof(dev->sys_name) - 1] = '\0'; dev->disk.raid_disk = strtoul(buf, &ep, 10); if (*ep) dev->disk.raid_disk = -1; |