From: James Simmons Date: Mon, 7 Jun 2021 12:33:59 +0000 (-0400) Subject: LU-14093 utils: fix DLSYM buffer over flow X-Git-Tag: 2.14.53~96 X-Git-Url: https://git.whamcloud.com/?p=fs%2Flustre-release.git;a=commitdiff_plain;h=76bea6ca661609e3788d1cfe7e08e4a63af0a349 LU-14093 utils: fix DLSYM buffer over flow The 'name' string passed to DLSYM macro is created from the fsname buffer in load_backfs_module(). That buffer is greater than 512 bytes in size but the temporary buffer in DLSYM is only 64. The newest gcc version detect this bug. mount_utils.c: In function ‘load_backfs_module’: mount_utils.c:530:36: error: ‘%s’ directive output may be truncated writing up to 507 bytes into a region of size 64 [-Werror=format-truncation=] 530 | snprintf(_fname, sizeof(_fname), "%s_%s", prefix, #func); \ | ^~~~~~~ mount_utils.c:593:2: note: in expansion of macro ‘DLSYM’ 593 | DLSYM(name, ops, init); Change-Id: I8ae30a5288f236fb9272dffd40f44175e5e03ef9 Signed-off-by: James Simmons Reviewed-on: https://review.whamcloud.com/43938 Reviewed-by: Alex Zhuravlev Reviewed-by: Arshad Hussain Tested-by: jenkins Tested-by: Maloo Reviewed-by: Oleg Drokin --- diff --git a/lustre/utils/mount_utils.c b/lustre/utils/mount_utils.c index c32c565..37f292f 100644 --- a/lustre/utils/mount_utils.c +++ b/lustre/utils/mount_utils.c @@ -526,7 +526,7 @@ int loop_format(struct mkfs_opts *mop) #ifdef PLUGIN_DIR #define DLSYM(prefix, sym, func) \ do { \ - char _fname[64]; \ + char _fname[PATH_MAX]; \ snprintf(_fname, sizeof(_fname), "%s_%s", prefix, #func); \ sym->func = (typeof(sym->func))dlsym(sym->dl_handle, _fname); \ } while (0)