From: Andreas Dilger Date: Fri, 9 Mar 2018 23:18:53 +0000 (-0700) Subject: LU-10264 misc: fix possible array overflow X-Git-Tag: 2.11.53~67 X-Git-Url: https://git.whamcloud.com/?a=commitdiff_plain;h=200115bc8145b7f5c7a06aa2c57a1a10b60da17d;p=fs%2Flustre-release.git LU-10264 misc: fix possible array overflow Fix a static analysis error. lustre/obdclass/obd_mount_server.c:1830 in osd_start(), buffer flagstr has size 16 but length of format string "%lu:%lu" is 31. Increase the size of buffer to hold maximal-sized strings plus NUL. Test-Parameters: trivial Signed-off-by: Andreas Dilger Change-Id: I3cc80d66bbb537161a561f4f2ba7830dde2cab07 Reviewed-on: https://review.whamcloud.com/32242 Tested-by: Jenkins Tested-by: Maloo Reviewed-by: Dmitry Eremin Reviewed-by: James Simmons Reviewed-by: Oleg Drokin --- diff --git a/lustre/obdclass/obd_mount_server.c b/lustre/obdclass/obd_mount_server.c index c65cb53..a4f0e4b 100644 --- a/lustre/obdclass/obd_mount_server.c +++ b/lustre/obdclass/obd_mount_server.c @@ -1814,10 +1814,10 @@ static int server_fill_super_common(struct super_block *sb) static int osd_start(struct lustre_sb_info *lsi, unsigned long mflags) { struct lustre_mount_data *lmd = lsi->lsi_lmd; - struct obd_device *obd; - struct dt_device_param p; - char flagstr[16]; - int rc; + struct obd_device *obd; + struct dt_device_param p; + char flagstr[20 + 1 + 10 + 1]; + int rc; ENTRY; CDEBUG(D_MOUNT, @@ -1827,7 +1827,7 @@ static int osd_start(struct lustre_sb_info *lsi, unsigned long mflags) sprintf(lsi->lsi_osd_obdname, "%s-osd", lsi->lsi_svname); strcpy(lsi->lsi_osd_uuid, lsi->lsi_osd_obdname); strcat(lsi->lsi_osd_uuid, "_UUID"); - sprintf(flagstr, "%lu:%lu", mflags, (unsigned long) lmd->lmd_flags); + snprintf(flagstr, sizeof(flagstr), "%lu:%u", mflags, lmd->lmd_flags); obd = class_name2obd(lsi->lsi_osd_obdname); if (obd == NULL) {