LU-2074 build: fix 'copy into fixed size buffer' errors 54/4154/22
authorSebastien Buisson <sebastien.buisson@bull.net>
Tue, 2 Oct 2012 14:52:17 +0000 (16:52 +0200)
committerOleg Drokin <oleg.drokin@intel.com>
Tue, 1 Oct 2013 11:27:10 +0000 (11:27 +0000)
Fix 'copy into fixed size buffer' defects found by Coverity
version 6.0.3:
Copy into fixed size buffer (STRING_OVERFLOW)
The fixed-size string might be overrun by copying without
checking the length.

Signed-off-by: Sebastien Buisson <sebastien.buisson@bull.net>
Change-Id: Ia47e6ae132fe476fce202ce06d6fc655f9855012
Reviewed-on: http://review.whamcloud.com/4154
Reviewed-by: Dmitry Eremin <dmitry.eremin@intel.com>
Tested-by: Hudson
Tested-by: Maloo <whamcloud.maloo@gmail.com>
Reviewed-by: Oleg Drokin <oleg.drokin@intel.com>
16 files changed:
libcfs/libcfs/linux/linux-tcpip.c
libcfs/libcfs/util/parser.c
libcfs/libcfs/workitem.c
lnet/selftest/console.c
lnet/utils/debug.c
lustre/mgs/mgs_llog.c
lustre/ptlrpc/nrs.c
lustre/ptlrpc/sec_config.c
lustre/utils/lfs.c
lustre/utils/liblustreapi.c
lustre/utils/ltrack_stats.c
lustre/utils/lustre_cfg.c
lustre/utils/lustre_rsync.c
lustre/utils/mount_lustre.c
lustre/utils/mount_utils_ldiskfs.c
lustre/utils/obd.c

index 480b9a5..18bfd3f 100644 (file)
@@ -121,7 +121,10 @@ libcfs_ipif_query (char *name, int *up, __u32 *ip, __u32 *mask)
 
         CLASSERT (sizeof(ifr.ifr_name) >= IFNAMSIZ);
 
 
         CLASSERT (sizeof(ifr.ifr_name) >= IFNAMSIZ);
 
-        strcpy(ifr.ifr_name, name);
+       if (strlen(name) > sizeof(ifr.ifr_name)-1)
+               return -E2BIG;
+       strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name));
+
         rc = libcfs_sock_ioctl(SIOCGIFFLAGS, (unsigned long)&ifr);
 
         if (rc != 0) {
         rc = libcfs_sock_ioctl(SIOCGIFFLAGS, (unsigned long)&ifr);
 
         if (rc != 0) {
@@ -138,7 +141,10 @@ libcfs_ipif_query (char *name, int *up, __u32 *ip, __u32 *mask)
 
         *up = 1;
 
 
         *up = 1;
 
-        strcpy(ifr.ifr_name, name);
+       if (strlen(name) > sizeof(ifr.ifr_name)-1)
+               return -E2BIG;
+       strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name));
+
         ifr.ifr_addr.sa_family = AF_INET;
         rc = libcfs_sock_ioctl(SIOCGIFADDR, (unsigned long)&ifr);
 
         ifr.ifr_addr.sa_family = AF_INET;
         rc = libcfs_sock_ioctl(SIOCGIFADDR, (unsigned long)&ifr);
 
@@ -150,7 +156,10 @@ libcfs_ipif_query (char *name, int *up, __u32 *ip, __u32 *mask)
         val = ((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr.s_addr;
         *ip = ntohl(val);
 
         val = ((struct sockaddr_in *)&ifr.ifr_addr)->sin_addr.s_addr;
         *ip = ntohl(val);
 
-        strcpy(ifr.ifr_name, name);
+       if (strlen(name) > sizeof(ifr.ifr_name)-1)
+               return -E2BIG;
+       strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name));
+
         ifr.ifr_addr.sa_family = AF_INET;
         rc = libcfs_sock_ioctl(SIOCGIFNETMASK, (unsigned long)&ifr);
 
         ifr.ifr_addr.sa_family = AF_INET;
         rc = libcfs_sock_ioctl(SIOCGIFNETMASK, (unsigned long)&ifr);
 
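Review bot: In libcfs_ipif_query the length test is repeated before each of the three ioctl calls, but `name` is not modified in any of the lines shown, so once the first test passes the second and third can never fire. A single check before the first copy, `if (strlen(name) > sizeof(ifr.ifr_name)-1) return -E2BIG;`, would give the same protection with less to maintain. Other files in this commit use `strlcpy()` with a return-value check for the same job, and one form across the kernel-side code would be easier to audit. The start of the function is outside the hunks, so whether `name` can be NULL here could not be checked.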
index 949a2b4..f395fa3 100644 (file)
@@ -460,7 +460,9 @@ int Parser_help(int argc, char **argv)
 
         line[0]='\0';
         for ( i = 1 ;  i < argc ; i++ ) {
 
         line[0]='\0';
         for ( i = 1 ;  i < argc ; i++ ) {
-                strcat(line, argv[i]);
+               if (strlen(argv[i]) > sizeof(line)-strlen(line)-1)
+                       return -E2BIG;
+               strncat(line, argv[i], sizeof(line)-strlen(line)-1);
         }
 
         switch ( process(line, &next, top_level, &result, &prev) ) {
         }
 
         switch ( process(line, &next, top_level, &result, &prev) ) {
index 49bee6a..a22d4a9 100644 (file)
@@ -439,7 +439,12 @@ cfs_wi_sched_create(char *name, struct cfs_cpt_table *cptab,
        if (sched == NULL)
                return -ENOMEM;
 
        if (sched == NULL)
                return -ENOMEM;
 
-       strncpy(sched->ws_name, name, CFS_WS_NAME_LEN);
+       if (strlen(name) > sizeof(sched->ws_name)-1) {
+               LIBCFS_FREE(sched, sizeof(*sched));
+               return -E2BIG;
+       }
+       strncpy(sched->ws_name, name, sizeof(sched->ws_name));
+
        sched->ws_cptab = cptab;
        sched->ws_cpt = cpt;
 
        sched->ws_cptab = cptab;
        sched->ws_cpt = cpt;
 
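Review bot: cfs_wi_sched_create used to truncate an over-long `name` and now fails with `-E2BIG`, a behaviour change for every caller that is not documented near the check. A comment above it, such as `/* name must fit in ws_name including the NUL; longer names are rejected */`, would state the limit. The old `strncpy(..., CFS_WS_NAME_LEN)` could leave `ws_name` unterminated if the array is exactly that size, so rejecting is the safer behaviour. The callers are outside the hunk and may need to handle the new error.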
index d58cc9c..aac83bd 100644 (file)
@@ -211,8 +211,14 @@ lstcon_group_alloc(char *name, lstcon_group_t **grpp)
                                 grp_ndl_hash[LST_NODE_HASHSIZE]));
 
         grp->grp_ref = 1;
                                 grp_ndl_hash[LST_NODE_HASHSIZE]));
 
         grp->grp_ref = 1;
-        if (name != NULL)
-                strcpy(grp->grp_name, name);
+       if (name != NULL) {
+               if (strlen(name) > sizeof(grp->grp_name)-1) {
+                       LIBCFS_FREE(grp, offsetof(lstcon_group_t,
+                                         grp_ndl_hash[LST_NODE_HASHSIZE]));
+                       return -E2BIG;
+               }
+               strncpy(grp->grp_name, name, sizeof(grp->grp_name));
+       }
 
         CFS_INIT_LIST_HEAD(&grp->grp_link);
         CFS_INIT_LIST_HEAD(&grp->grp_ndl_list);
 
         CFS_INIT_LIST_HEAD(&grp->grp_link);
         CFS_INIT_LIST_HEAD(&grp->grp_ndl_list);
@@ -891,7 +897,13 @@ lstcon_batch_add(char *name)
                 return -ENOMEM;
         }
 
                 return -ENOMEM;
         }
 
-        strcpy(bat->bat_name, name);
+       if (strlen(name) > sizeof(bat->bat_name)-1) {
+               LIBCFS_FREE(bat->bat_srv_hash, LST_NODE_HASHSIZE);
+               LIBCFS_FREE(bat->bat_cli_hash, LST_NODE_HASHSIZE);
+               LIBCFS_FREE(bat, sizeof(lstcon_batch_t));
+               return -E2BIG;
+       }
+       strncpy(bat->bat_name, name, sizeof(bat->bat_name));
         bat->bat_hdr.tsb_index = 0;
         bat->bat_hdr.tsb_id.bat_id = ++console_session.ses_id_cookie;
 
         bat->bat_hdr.tsb_index = 0;
         bat->bat_hdr.tsb_id.bat_id = ++console_session.ses_id_cookie;
 
@@ -1762,7 +1774,11 @@ lstcon_session_new(char *name, int key, unsigned feats,
        console_session.ses_feats_updated = 0;
        console_session.ses_timeout = (timeout <= 0) ?
                                      LST_CONSOLE_TIMEOUT : timeout;
        console_session.ses_feats_updated = 0;
        console_session.ses_timeout = (timeout <= 0) ?
                                      LST_CONSOLE_TIMEOUT : timeout;
-       strcpy(console_session.ses_name, name);
+
+       if (strlen(name) > sizeof(console_session.ses_name)-1)
+               return -E2BIG;
+       strncpy(console_session.ses_name, name,
+               sizeof(console_session.ses_name));
 
         rc = lstcon_batch_add(LST_DEFAULT_BATCH);
         if (rc != 0)
 
         rc = lstcon_batch_add(LST_DEFAULT_BATCH);
         if (rc != 0)
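Review bot: In lstcon_session_new the new `return -E2BIG` sits after the context lines that already assign `console_session.ses_feats_updated` and `console_session.ses_timeout`, so an over-long name leaves the global session partly rewritten. Moving `if (strlen(name) > sizeof(console_session.ses_name)-1) return -E2BIG;` ahead of the first write to `console_session` avoids that; the start of the function is outside the hunk, so the exact position needs checking there. The same ordering applies in lstcon_group_alloc and lstcon_batch_add, where testing `name` before the allocations would remove the added `LIBCFS_FREE` calls. In lstcon_batch_add the size passed when freeing the two hash tables is `LST_NODE_HASHSIZE`, which should be compared with the allocation size outside the hunk.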
index 33699ff..f975866 100644 (file)
@@ -585,11 +585,21 @@ int jt_dbg_debug_kernel(int argc, char **argv)
         /* If we are dumping raw (which means no conversion step to ASCII)
          * then dump directly to any supplied filename, otherwise this is
          * just a temp file and we dump to the real file at convert time. */
         /* If we are dumping raw (which means no conversion step to ASCII)
          * then dump directly to any supplied filename, otherwise this is
          * just a temp file and we dump to the real file at convert time. */
-        if (argc > 1 && raw)
-                strcpy(filename, argv[1]);
-        else
-                sprintf(filename, "%s"CFS_TIME_T".%u",
-                       LIBCFS_DEBUG_FILE_PATH_DEFAULT, time(NULL), getpid());
+       if (argc > 1 && raw) {
+               if (strlen(argv[1]) > sizeof(filename)-1) {
+                       fprintf(stderr, "File name too long: %s\n", argv[1]);
+                       return 1;
+               }
+               strncpy(filename, argv[1], sizeof(filename));
+       } else {
+               if (snprintf(filename, sizeof(filename), "%s"CFS_TIME_T".%u",
+                            LIBCFS_DEBUG_FILE_PATH_DEFAULT, time(NULL),
+                            getpid()) >=
+                   sizeof(filename)) {
+                       fprintf(stderr, "File name too long\n");
+                       return 1;
+               }
+       }
 
         if (stat(filename, &st) == 0 && S_ISREG(st.st_mode))
                 unlink(filename);
 
         if (stat(filename, &st) == 0 && S_ISREG(st.st_mode))
                 unlink(filename);
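Review bot: The temporary-file branch of jt_dbg_debug_kernel still builds a predictable name from the time and pid, and the context lines then `stat()` and `unlink()` it by path. The new `snprintf` bounds the write, but the check-then-use window on the name remains. If `LIBCFS_DEBUG_FILE_PATH_DEFAULT` points into a directory other users can write to (its definition is not in the hunk), creating the file with `mkstemp()` and keeping the descriptor would close that window. Separately, `snprintf(...) >= sizeof(filename)` compares an `int` with a `size_t`; an explicit `rc < 0 || (size_t)rc >= sizeof(filename)` states the intent without relying on the implicit conversion.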
index 8e40891..fb9ae68 100644 (file)
@@ -693,8 +693,14 @@ static int mgs_modify(const struct lu_env *env, struct mgs_device *mgs,
         OBD_ALLOC_PTR(mml);
         if (!mml)
                 GOTO(out_close, rc = -ENOMEM);
         OBD_ALLOC_PTR(mml);
         if (!mml)
                 GOTO(out_close, rc = -ENOMEM);
-        strcpy(mml->mml_marker.cm_comment, comment);
-        strcpy(mml->mml_marker.cm_tgtname, devname);
+       if (strlcpy(mml->mml_marker.cm_comment, comment,
+                   sizeof(mml->mml_marker.cm_comment)) >=
+           sizeof(mml->mml_marker.cm_comment))
+               GOTO(out_close, rc = -E2BIG);
+       if (strlcpy(mml->mml_marker.cm_tgtname, devname,
+                   sizeof(mml->mml_marker.cm_tgtname)) >=
+           sizeof(mml->mml_marker.cm_tgtname))
+               GOTO(out_close, rc = -E2BIG);
         /* Modify mostly means cancel */
         mml->mml_marker.cm_flags = flags;
         mml->mml_marker.cm_canceltime = flags ? cfs_time_current_sec() : 0;
         /* Modify mostly means cancel */
         mml->mml_marker.cm_flags = flags;
         mml->mml_marker.cm_canceltime = flags ? cfs_time_current_sec() : 0;
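Review bot: Both new `GOTO(out_close, rc = -E2BIG)` paths in mgs_modify run after `OBD_ALLOC_PTR(mml)` has succeeded, yet they jump to the label the `!mml` failure also uses, so `out_close` probably does not free `mml` and it would be leaked. The label is outside the hunk, so this needs confirming there. If it does not free, the fix is an `out_free:` label just before `out_close:` that calls `OBD_FREE_PTR(mml);`, with both checks changed to `GOTO(out_free, rc = -E2BIG);`. Checking the lengths of `comment` and `devname` before the allocation would avoid the issue altogether.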
index a023a05..069f6a0 100644 (file)
@@ -1194,7 +1194,11 @@ int ptlrpc_nrs_policy_register(struct ptlrpc_nrs_pol_conf *conf)
        if (desc == NULL)
                GOTO(fail, rc = -ENOMEM);
 
        if (desc == NULL)
                GOTO(fail, rc = -ENOMEM);
 
-       strncpy(desc->pd_name, conf->nc_name, NRS_POL_NAME_MAX);
+       if (strlcpy(desc->pd_name, conf->nc_name, sizeof(desc->pd_name)) >=
+           sizeof(desc->pd_name)) {
+               OBD_FREE_PTR(desc);
+               GOTO(fail, rc = -E2BIG);
+       }
        desc->pd_ops             = conf->nc_ops;
        desc->pd_compat          = conf->nc_compat;
        desc->pd_compat_svc_name = conf->nc_compat_svc_name;
        desc->pd_ops             = conf->nc_ops;
        desc->pd_compat          = conf->nc_compat;
        desc->pd_compat_svc_name = conf->nc_compat_svc_name;
index ee2c277..75b71d5 100644 (file)
@@ -619,7 +619,11 @@ struct sptlrpc_conf *sptlrpc_conf_get(const char *fsname,
         if (conf == NULL)
                 return NULL;
 
         if (conf == NULL)
                 return NULL;
 
-        strcpy(conf->sc_fsname, fsname);
+       if (strlcpy(conf->sc_fsname, fsname, sizeof(conf->sc_fsname)) >=
+           sizeof(conf->sc_fsname)) {
+               OBD_FREE_PTR(conf);
+               return NULL;
+       }
         sptlrpc_rule_set_init(&conf->sc_rset);
         CFS_INIT_LIST_HEAD(&conf->sc_tgts);
         cfs_list_add(&conf->sc_list, &sptlrpc_confs);
         sptlrpc_rule_set_init(&conf->sc_rset);
         CFS_INIT_LIST_HEAD(&conf->sc_tgts);
         cfs_list_add(&conf->sc_list, &sptlrpc_confs);
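Review bot: sptlrpc_conf_get now returns NULL for an over-long `fsname`, the same value it returns when the allocation fails, so the caller cannot distinguish a bad name from memory exhaustion. A log line before the free, for example `CERROR("fsname %s too long\n", fsname);`, would at least make the cause visible. Testing `strlen(fsname) >= sizeof(conf->sc_fsname)` before the allocation would also avoid the allocate-then-free round trip; the allocation itself is outside the hunk.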
index c701181..fd7fd00 100644 (file)
@@ -408,7 +408,11 @@ static int lfs_migrate(char *name, unsigned long long stripe_size,
        }
 
        /* search for file directory pathname */
        }
 
        /* search for file directory pathname */
-       strcpy(parent, name);
+       if (strlen(name) > sizeof(parent)-1) {
+               rc = -E2BIG;
+               goto free;
+       }
+       strncpy(parent, name, sizeof(parent));
        ptr = strrchr(parent, '/');
        if (ptr == NULL) {
                if (getcwd(parent, sizeof(parent)) == NULL) {
        ptr = strrchr(parent, '/');
        if (ptr == NULL) {
                if (getcwd(parent, sizeof(parent)) == NULL) {
@@ -1116,20 +1120,24 @@ static int lfs_find(int argc, char **argv)
                                 param.obduuid = tmp;
                         }
                         for (token = buf; token && *token; token = next) {
                                 param.obduuid = tmp;
                         }
                         for (token = buf; token && *token; token = next) {
-                                char *uuid;
-                                if (c == 'm')
-                                        uuid =
-                                          param.mdtuuid[param.num_mdts++].uuid;
-                                else
-                                        uuid =
-                                          param.obduuid[param.num_obds++].uuid;
+                               struct obd_uuid *puuid;
+                               if (c == 'm') {
+                                       puuid =
+                                         &param.mdtuuid[param.num_mdts++];
+                               } else {
+                                       puuid =
+                                         &param.obduuid[param.num_obds++];
+                               }
                                 p = strchr(token, ',');
                                 next = 0;
                                 if (p) {
                                         *p = 0;
                                         next = p+1;
                                 }
                                 p = strchr(token, ',');
                                 next = 0;
                                 if (p) {
                                         *p = 0;
                                         next = p+1;
                                 }
-                                strcpy((char *)uuid, token);
+                               if (strlen(token) > sizeof(puuid->uuid)-1)
+                                       GOTO(err_free, ret = -E2BIG);
+                               strncpy(puuid->uuid, token,
+                                       sizeof(puuid->uuid));
                         }
 err_free:
                         if (buf)
                         }
 err_free:
                         if (buf)
@@ -3532,8 +3540,13 @@ static int lfs_hsm_request(int argc, char **argv, int action)
        hur->hur_request.hr_flags = 0;
 
        /* All remaining args are files, add them */
        hur->hur_request.hr_flags = 0;
 
        /* All remaining args are files, add them */
-       if (nbfile != 0)
-               strcpy(some_file, argv[optind]);
+       if (nbfile != 0) {
+               if (strlen(argv[optind]) > sizeof(some_file)-1) {
+                       free(hur);
+                       return -E2BIG;
+               }
+               strncpy(some_file, argv[optind], sizeof(some_file));
+       }
 
        for (i = 0; i < nbfile; i++) {
                hur->hur_user_item[i].hui_extent.length = -1;
 
        for (i = 0; i < nbfile; i++) {
                hur->hur_user_item[i].hui_extent.length = -1;
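Review bot: In lfs_find the slot counter is post-incremented when `puuid` is taken, before the token length is tested. On the `-E2BIG` path `param.num_mdts` or `param.num_obds` therefore already counts an entry whose `uuid` was never written. That is harmless only if nothing reads `param` after `err_free`, and the code after that label is outside the hunk. Taking `puuid = &param.mdtuuid[param.num_mdts];` and incrementing the counter after the `strncpy` keeps the count and the contents in step; the same applies to the `obduuid` branch.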
index 015036d..3051bdf 100644 (file)
@@ -416,7 +416,12 @@ static int get_param_obdvar(const char *fsname, const char *file_path,
                         return rc;
                 }
         } else if (fsname) {
                         return rc;
                 }
         } else if (fsname) {
-                strcpy(fs, fsname);
+               if (strlen(fsname) > sizeof(fs)-1) {
+                       if (fp != NULL)
+                               fclose(fp);
+                       return -E2BIG;
+               }
+               strncpy(fs, fsname, sizeof(fs));
         }
 
         if (fp == NULL) {
         }
 
         if (fp == NULL) {
@@ -436,7 +441,11 @@ static int get_param_obdvar(const char *fsname, const char *file_path,
                         tmp += strlen(obd_type) + 1;
                         if (strcmp(tmp, fs))
                                 continue;
                         tmp += strlen(obd_type) + 1;
                         if (strcmp(tmp, fs))
                                 continue;
-                        strcpy(dev, tmp);
+                       if (strlen(tmp) > sizeof(dev)-1) {
+                               fclose(fp);
+                               return -E2BIG;
+                       }
+                       strncpy(dev, tmp, sizeof(dev));
                         tmp = strchr(dev, ' ');
                        if (tmp != NULL)
                                *tmp = '\0';
                         tmp = strchr(dev, ' ');
                        if (tmp != NULL)
                                *tmp = '\0';
@@ -1193,10 +1202,14 @@ int llapi_get_poollist(const char *name, char **poollist, int list_size,
                                     " a Lustre filesystem", name);
                         return rc;
                 }
                                     " a Lustre filesystem", name);
                         return rc;
                 }
-                strcpy(fsname, rname);
+               if (strlen(rname) > sizeof(fsname)-1)
+                       return -E2BIG;
+               strncpy(fsname, rname, sizeof(fsname));
         } else {
                 /* name is FSNAME */
         } else {
                 /* name is FSNAME */
-                strcpy(fsname, name);
+               if (strlen(name) > sizeof(fsname)-1)
+                       return -E2BIG;
+               strncpy(fsname, name, sizeof(fsname));
                 rc = poolpath(fsname, NULL, pathname);
         }
         if (rc != 0) {
                 rc = poolpath(fsname, NULL, pathname);
         }
         if (rc != 0) {
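Review bot: The two new `return -E2BIG;` statements in llapi_get_poollist fail silently, whereas the error path in the context lines just above reports a message naming `name` before `return rc`. A library caller that passes an over-long path or filesystem name gets only the error code, so reporting it the way the neighbouring path does would keep the function consistent. In get_param_obdvar the length of `tmp` is tested before `dev` is cut at the first space, so a line with trailing text is measured in full; whether that matters depends on the input format, which is not visible here.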
index 38f4ada..4984a46 100644 (file)
@@ -45,7 +45,7 @@
 #include <signal.h>
 #include <string.h>
 #include <stdlib.h>
 #include <signal.h>
 #include <string.h>
 #include <stdlib.h>
-
+#include <errno.h>
 
 #define TRACK_BY_GID 0
 #define TRACK_BY_PPID 1
 
 #define TRACK_BY_GID 0
 #define TRACK_BY_PPID 1
 #define LEN_CLIENT 1024
 
 /* size of output of llstat command we read at a time */
 #define LEN_CLIENT 1024
 
 /* size of output of llstat command we read at a time */
-#define MAX 1024
-
-/* max strlen of outfile we get on command line */
-#define LEN_OUT 1024
+#define LLSTAT_READ_SIZE 1024
 
 /* Length of command given on command line */
 #define COMM_LEN 4096
 
 /* Length of command given on command line */
 #define COMM_LEN 4096
-pid_t llstat[1024];
 
 /* print usage */
 void print_usage()
 
 /* print usage */
 void print_usage()
@@ -200,12 +196,12 @@ void check_llstat()
 
 pid_t fork_llstat_command(char* llstat_file,char* stats_path)
 {
 
 pid_t fork_llstat_command(char* llstat_file,char* stats_path)
 {
-        char truncate_command[100];
-        char llstat_command[LEN_LLSTAT];
-        pid_t pid_llstat_command;
-        FILE *fp_popen, *fp_out;
-        char buffer[MAX];
-        int ret;
+       char truncate_command[100];
+       char llstat_command[LEN_LLSTAT];
+       pid_t pid_llstat_command;
+       FILE *fp_popen, *fp_out;
+       char buffer[LLSTAT_READ_SIZE];
+       int ret;
         
         /* Truncating llstat output file as it will be opened in while
          * loop to append output */
         
         /* Truncating llstat output file as it will be opened in while
          * loop to append output */
@@ -236,37 +232,37 @@ pid_t fork_llstat_command(char* llstat_file,char* stats_path)
                                 "\"%s\"n", llstat_command);
                         exit(1);
                 }
                                 "\"%s\"n", llstat_command);
                         exit(1);
                 }
-                while (fgets(buffer, 1024, fp_popen) != NULL) {
-                        /* Following code should be in while loop as llstat 
-                         * will keep on sending output each second and will
-                         * not exit on itself. It will be killed when we finsh
-                         * with our command so we must make the output file 
-                         * consistent after writing each 1024 bytes chunk */
-
-                        /* opening file where llstat will write its output */
-                        fp_out = fopen(llstat_file, "a");
-                        if (!fp_out) {
-                                fprintf(stderr, "Error: Couldn't open llstat"
-                                        "outfile file: %s\n",
-                                        llstat_file);
-                                exit(1);
-                        }
-                        /* fgets reads the popen output and fprintf writes it to
-                         * output file */
-
-                        if (fputs(buffer, fp_out) == EOF) {
-                                 fprintf(stderr, "Error: Couldn't write output"
-                                         "of llstat to out file\n");
-                                 exit(1);
-                        }
-
-                        /* closing file opened for storing llstat's output */
-                        if (fclose(fp_out)) {
-                                fprintf(stderr, "Error: Couldn't close llstat"
-                                        "outfile: %s\n", llstat_file);
-                                exit(1);
-                        }
-                }
+               while (fgets(buffer, LLSTAT_READ_SIZE, fp_popen) != NULL) {
+                       /* Following code should be in while loop as llstat
+                        * will keep on sending output each second and will
+                        * not exit on itself. It will be killed when we finsh
+                        * with our command so we must make the output file
+                        * consistent after writing each 1024 bytes chunk */
+
+                       /* opening file where llstat will write its output */
+                       fp_out = fopen(llstat_file, "a");
+                       if (!fp_out) {
+                               fprintf(stderr, "Error: Couldn't open llstat"
+                                       "outfile file: %s\n",
+                                       llstat_file);
+                               exit(1);
+                       }
+                       /* fgets reads the popen output and fprintf writes it to
+                        * output file */
+
+                       if (fputs(buffer, fp_out) == EOF) {
+                               fprintf(stderr, "Error: Couldn't write output"
+                                       "of llstat to out file\n");
+                               exit(1);
+                       }
+
+                       /* closing file opened for storing llstat's output */
+                       if (fclose(fp_out)) {
+                               fprintf(stderr, "Error: Couldn't close llstat"
+                                       "outfile: %s\n", llstat_file);
+                               exit(1);
+                       }
+               }
                 /* closing popen for llstat */
                 if (pclose(fp_popen) < 0) {
                         fprintf(stderr, "Error: Couldn't pclos"
                 /* closing popen for llstat */
                 if (pclose(fp_popen) < 0) {
                         fprintf(stderr, "Error: Couldn't pclos"
@@ -453,12 +449,13 @@ int main(int argc, char **argv)
         while ((c = getopt(argc, argv, "l:g:c:i:a:h")) != 1)
                 switch (c) {
                         case 'l':
         while ((c = getopt(argc, argv, "l:g:c:i:a:h")) != 1)
                 switch (c) {
                         case 'l':
-                                strcpy(llstat_file, optarg);
-                                if (strlen(llstat_file) > LEN_OUT) {
+                               if (strlen(optarg) > sizeof(llstat_file)-1) {
                                         fprintf(stderr, "length of outfile file"
                                                 " is too long\n");
                                         exit(1);
                                         fprintf(stderr, "length of outfile file"
                                                 " is too long\n");
                                         exit(1);
-                                }
+                               }
+                               strncpy(llstat_file, optarg,
+                                       sizeof(llstat_file));
                                 break;
 
                         /* When any value is written to vfs_track_gid, then VFS
                                 break;
 
                         /* When any value is written to vfs_track_gid, then VFS
@@ -467,7 +464,9 @@ int main(int argc, char **argv)
                          * write_track_xid writes given <gid> in vfs_track_gid
                          * here. */
                         case 'g':
                          * write_track_xid writes given <gid> in vfs_track_gid
                          * here. */
                         case 'g':
-                                strcpy(gid_string, optarg);
+                               if (strlen(optarg) > sizeof(gid_string)-1)
+                                       return -E2BIG;
+                               strncpy(gid_string, optarg, sizeof(gid_string));
                                 get_command_from_argv(optind, argc, argv, "",
                                                       command);
                                 gid = atoi(gid_string);
                                 get_command_from_argv(optind, argc, argv, "",
                                                       command);
                                 gid = atoi(gid_string);
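Review bot: In main, the `-g` case leaves with `return -E2BIG;` and no message, while the `-l` case a few lines above prints an error and calls `exit(1)` for the same condition. A negative value returned from main is reduced to an 8-bit exit status, so the shell sees an arbitrary large code rather than the errno. Using `fprintf(stderr, "gid is too long\n"); exit(1);` here would match the `-l` case. The comment inside the read loop still says "1024 bytes chunk" although the size is now `LLSTAT_READ_SIZE`.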
index 1c9ed42..ab5a68f 100644 (file)
@@ -900,7 +900,13 @@ static int getparam_display(struct param_opts *popt, char *pattern)
                 /* As listparam_display is used to show param name (with type),
                  * here "if (only_path)" is ignored.*/
                 if (popt->po_show_path) {
                 /* As listparam_display is used to show param name (with type),
                  * here "if (only_path)" is ignored.*/
                 if (popt->po_show_path) {
-                        strcpy(filename, glob_info.gl_pathv[i]);
+                       if (strlen(glob_info.gl_pathv[i]) >
+                           sizeof(filename)-1) {
+                               free(buf);
+                               return -E2BIG;
+                       }
+                       strncpy(filename, glob_info.gl_pathv[i],
+                               sizeof(filename));
                         valuename = display_name(filename, 0);
                 }
 
                         valuename = display_name(filename, 0);
                 }
 
@@ -1029,7 +1035,10 @@ static int setparam_display(struct param_opts *popt, char *pattern, char *value)
                char *valuename = NULL;
 
                if (popt->po_show_path) {
                char *valuename = NULL;
 
                if (popt->po_show_path) {
-                       strcpy(filename, glob_info.gl_pathv[i]);
+                       if (strlen(glob_info.gl_pathv[i]) > sizeof(filename)-1)
+                               return -E2BIG;
+                       strncpy(filename, glob_info.gl_pathv[i],
+                               sizeof(filename));
                        valuename = display_name(filename, 0);
                        if (valuename)
                                printf("%s=%s\n", valuename, value);
                        valuename = display_name(filename, 0);
                        if (valuename)
                                printf("%s=%s\n", valuename, value);
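Review bot: Both new early returns sit inside the loop over `glob_info.gl_pathv`, so they skip whatever cleanup follows the loop; if that includes `globfree(&glob_info)`, the glob results are leaked on the `-E2BIG` path. The end of both functions is outside the hunks, so this needs checking there. getparam_display frees `buf` before returning while setparam_display frees nothing, which is worth confirming as intentional. Setting `rc = -E2BIG` and breaking out to the function's existing exit path would keep all cleanup in one place.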
index 0947551..77f213d 100644 (file)
@@ -633,13 +633,23 @@ int lr_add_pc(const char *pfid, const char *tfid, const char *name)
         p = calloc(1, sizeof(*p));
         if (!p)
                 return -ENOMEM;
         p = calloc(1, sizeof(*p));
         if (!p)
                 return -ENOMEM;
-        strcpy(p->pc_log.pcl_pfid, pfid);
-        strcpy(p->pc_log.pcl_tfid, tfid);
-        strcpy(p->pc_log.pcl_name, name);
+       if (strlen(pfid) > sizeof(p->pc_log.pcl_pfid)-1)
+               goto out_err;
+       strncpy(p->pc_log.pcl_pfid, pfid, sizeof(p->pc_log.pcl_pfid));
+       if (strlen(tfid) > sizeof(p->pc_log.pcl_tfid)-1)
+               goto out_err;
+       strncpy(p->pc_log.pcl_tfid, tfid, sizeof(p->pc_log.pcl_tfid));
+       if (strlen(name) > sizeof(p->pc_log.pcl_name)-1)
+               goto out_err;
+       strncpy(p->pc_log.pcl_name, name, sizeof(p->pc_log.pcl_name));
 
         p->pc_next = parents;
         parents = p;
         return 0;
 
         p->pc_next = parents;
         parents = p;
         return 0;
+
+out_err:
+       free(p);
+       return -E2BIG;
 }
 
 void lr_cascade_move(const char *fid, const char *dest, struct lr_info *info)
 }
 
 void lr_cascade_move(const char *fid, const char *dest, struct lr_info *info)
index c8fe8a6..20abe44 100644 (file)
@@ -324,7 +324,12 @@ static int clear_update_ondisk(char *source, struct lustre_disk_data *ldd)
        memset(&mkop, 0, sizeof(mkop));
        mkop.mo_ldd = *ldd;
        mkop.mo_ldd.ldd_flags &= ~LDD_F_UPDATE;
        memset(&mkop, 0, sizeof(mkop));
        mkop.mo_ldd = *ldd;
        mkop.mo_ldd.ldd_flags &= ~LDD_F_UPDATE;
-       strcpy(mkop.mo_device, source);
+       if (strlen(source) > sizeof(mkop.mo_device)-1) {
+               fatal();
+               fprintf(stderr, "Device name too long: %s\n", source);
+               return -E2BIG;
+       }
+       strncpy(mkop.mo_device, source, sizeof(mkop.mo_device));
 
        ret = osd_prepare_lustre(&mkop,
                        default_mountopts, sizeof(default_mountopts),
 
        ret = osd_prepare_lustre(&mkop,
                        default_mountopts, sizeof(default_mountopts),
index 4c75200..728c349 100644 (file)
@@ -1130,9 +1130,17 @@ static char *absolute_path(char *devname)
                        return NULL;
                }
                strcat(buf, "/");
                        return NULL;
                }
                strcat(buf, "/");
-               strcat(buf, devname);
+               if (strlen(devname) > sizeof(buf)-strlen(buf)-1) {
+                       free(path);
+                       return NULL;
+               }
+               strncat(buf, devname, sizeof(buf)-strlen(buf)-1);
        } else {
        } else {
-               strcpy(buf, devname);
+               if (strlen(devname) > sizeof(buf)-1) {
+                       free(path);
+                       return NULL;
+               }
+               strncpy(buf, devname, sizeof(buf));
        }
        /* truncate filename before calling realpath */
        ptr = strrchr(buf, '/');
        }
        /* truncate filename before calling realpath */
        ptr = strrchr(buf, '/');
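Review bot: The unchecked `strcat(buf, "/")` in the context line still runs before the new length test in absolute_path. If `buf` can already be full at that point, the separator writes past the end, `sizeof(buf)-strlen(buf)-1` wraps around as a `size_t`, and the test then passes. Whether that is reachable depends on the bound given to the call that fills `buf`, which is outside the hunk. Testing both pieces first removes the dependency: `if (strlen(buf) + strlen(devname) + 2 > sizeof(buf)) { free(path); return NULL; }` placed before the `strcat(buf, "/")`.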
index ca2aec8..d3660e6 100644 (file)
@@ -3240,7 +3240,9 @@ static int check_and_complete_ostname(char *fsname, char *ostname)
                         ostname, fsname);
                 return -EINVAL;
         } else {
                         ostname, fsname);
                 return -EINVAL;
         } else {
-             strcpy(real_ostname, ostname);
+               if (strlen(ostname) > sizeof(real_ostname)-1)
+                       return -E2BIG;
+               strncpy(real_ostname, ostname, sizeof(real_ostname));
         }
         /* real_ostname is fsname-????? */
         ptr = real_ostname + strlen(fsname) + 1;
         }
         /* real_ostname is fsname-????? */
         ptr = real_ostname + strlen(fsname) + 1;
@@ -3715,15 +3717,24 @@ int jt_changelog_register(int argc, char **argv)
         }
         obd_ioctl_unpack(&data, buf, sizeof(rawbuf));
 
         }
         obd_ioctl_unpack(&data, buf, sizeof(rawbuf));
 
-        if (data.ioc_u32_1 == 0) {
-                fprintf(stderr, "received invalid userid!\n");
-                return EPROTO;
-        }
+       if (data.ioc_u32_1 == 0) {
+               fprintf(stderr, "received invalid userid!\n");
+               return -EPROTO;
+       }
 
 
-        if (lcfg_get_devname() != NULL)
-                strcpy(devname, lcfg_get_devname());
-        else
-                sprintf(devname, "dev %d", cur_device);
+       if (lcfg_get_devname() != NULL) {
+               if (strlen(lcfg_get_devname()) > sizeof(devname)-1) {
+                       fprintf(stderr, "Dev name too long\n");
+                       return -E2BIG;
+               }
+               strncpy(devname, lcfg_get_devname(), sizeof(devname));
+       } else {
+               if (snprintf(devname, sizeof(devname), "dev %d", cur_device) >=
+                   sizeof(devname)) {
+                       fprintf(stderr, "Dev name too long\n");
+                       return -E2BIG;
+               }
+       }
 
         if (argc == 2)
                 /* -n means bare name */
 
         if (argc == 2)
                 /* -n means bare name */
@@ -3771,17 +3782,26 @@ int jt_changelog_deregister(int argc, char **argv)
         }
         obd_ioctl_unpack(&data, buf, sizeof(rawbuf));
 
         }
         obd_ioctl_unpack(&data, buf, sizeof(rawbuf));
 
-        if (data.ioc_u32_1 != id) {
-                fprintf(stderr, "No changelog user '%s'.  Blocking user"
-                        " is '"CHANGELOG_USER_PREFIX"%d'.\n", argv[1],
-                        data.ioc_u32_1);
-                return ENOENT;
-        }
+       if (data.ioc_u32_1 != id) {
+               fprintf(stderr, "No changelog user '%s'.  Blocking user"
+                       " is '"CHANGELOG_USER_PREFIX"%d'.\n", argv[1],
+                       data.ioc_u32_1);
+               return -ENOENT;
+       }
 
 
-        if (lcfg_get_devname() != NULL)
-                strcpy(devname, lcfg_get_devname());
-        else
-                sprintf(devname, "dev %d", cur_device);
+       if (lcfg_get_devname() != NULL) {
+               if (strlen(lcfg_get_devname()) > sizeof(devname)-1) {
+                       fprintf(stderr, "Dev name too long\n");
+                       return -E2BIG;
+               }
+               strncpy(devname, lcfg_get_devname(), sizeof(devname));
+       } else {
+               if (snprintf(devname, sizeof(devname), "dev %d", cur_device) >=
+                   sizeof(devname)) {
+                       fprintf(stderr, "Dev name too long\n");
+                       return -E2BIG;
+               }
+       }
 
         printf("%s: Deregistered changelog user '"CHANGELOG_USER_PREFIX"%d'\n",
                devname, data.ioc_u32_1);
 
         printf("%s: Deregistered changelog user '"CHANGELOG_USER_PREFIX"%d'\n",
                devname, data.ioc_u32_1);
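Review bot: jt_changelog_register and jt_changelog_deregister change `return EPROTO` and `return ENOENT` to their negative forms, which flips the sign callers see and is unrelated to the buffer fix described in the commit message. It deserves its own line in the description, and the callers, which are not shown, should be checked for reliance on the positive values. Both functions also call `lcfg_get_devname()` three times, for the NULL test, the `strlen` and the copy. Holding the result in a local, `const char *name = lcfg_get_devname();`, guarantees that the checked string is the one copied.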