From 4be4c8809ecebd4e0b17c6df7999da0451e630d2 Mon Sep 17 00:00:00 2001
From: "Brian J. Murrell"
Date: Wed, 1 Sep 2010 03:47:27 +0400
Subject: [PATCH] b=23663 fix buffer overflow in liblustre i=dmitry i=andrew
The space allocated to ll_instance to store the "%p" notation for a pointer was failing to allocate enough space for the leading "0x" in addition to the space for the actual address bytes.
---
 lustre/liblustre/super.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lustre/liblustre/super.c b/lustre/liblustre/super.c
index 31987ac..f7e1693 100644
--- a/lustre/liblustre/super.c
+++ b/lustre/liblustre/super.c
@@ -1847,7 +1847,7 @@ llu_fsswop_mount(const char *source,
 struct lustre_md md;
 class_uuid_t uuid;
 struct config_llog_instance cfg = {0, };
- char ll_instance[sizeof(sbi) * 2 + 1];
+ char ll_instance[sizeof(sbi) * 2 + 3];
 struct lustre_profile *lprof;
 char *zconf_mgsnid, *zconf_profile;
 char *osc = NULL, *mdc = NULL;
@@ -1878,7 +1878,7 @@ llu_fsswop_mount(const char *source,
 /* generate a string unique to this super, let's try the address of the super itself.*/
- sprintf(ll_instance, "%p", sbi);
+ snprintf(ll_instance, sizeof(ll_instance), "%p", sbi);
 /* retrive & parse config log */
 cfg.cfg_instance = ll_instance;
--
1.8.3.1
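Review bot: The result of the new `snprintf` call in the second hunk is discarded, so a `%p` rendering longer than the buffer is now truncated silently instead of overflowing. The C standard leaves the `%p` format implementation-defined, which makes `sizeof(sbi) * 2 + 3` in the first hunk an assumption about the libc in use; truncation would cut the trailing, low-order address digits, so `cfg.cfg_instance` could end up carrying a name that is no longer unique per superblock. I would check the result, e.g. `rc = snprintf(ll_instance, sizeof(ll_instance), "%p", sbi);` followed by `if (rc < 0 || (size_t)rc >= sizeof(ll_instance))` and the function's existing error exit, and document the size on the declaration with `/* "0x" + two hex digits per byte + NUL */`. The body of llu_fsswop_mount starts and ends outside both hunks, so whether a suitable `int` and cleanup label are already in scope cannot be seen from here.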