diff options
Diffstat (limited to 'meta-networking/recipes-daemons/opensaf/opensaf/0001-Fix-string-overflow-in-snprintf.patch')
-rw-r--r-- | meta-networking/recipes-daemons/opensaf/opensaf/0001-Fix-string-overflow-in-snprintf.patch | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/meta-networking/recipes-daemons/opensaf/opensaf/0001-Fix-string-overflow-in-snprintf.patch b/meta-networking/recipes-daemons/opensaf/opensaf/0001-Fix-string-overflow-in-snprintf.patch new file mode 100644 index 000000000..428e46228 --- /dev/null +++ b/meta-networking/recipes-daemons/opensaf/opensaf/0001-Fix-string-overflow-in-snprintf.patch | |||
@@ -0,0 +1,75 @@ | |||
1 | From 8cf323a2d8e02ca0bd36deb38e613c6edac546ad Mon Sep 17 00:00:00 2001 | ||
2 | From: Khem Raj <raj.khem@gmail.com> | ||
3 | Date: Mon, 16 Apr 2018 18:29:17 -0700 | ||
4 | Subject: [PATCH] Fix string overflow in snprintf | ||
5 | |||
6 | Fixes errors like | ||
7 | error: '%s' dir | ||
8 | ective output may be truncated writing up to 255 bytes into a region of size 32 [-Werror=forma | ||
9 | t-truncation=] | ||
10 | snprintf(reinterpret_cast<char *>(Healthy.key), sizeof(Healthy.key), "%s", | ||
11 | ^~~~ | ||
12 | hlth_str); | ||
13 | ~~~~~~~~ | ||
14 | |||
15 | Signed-off-by: Khem Raj <raj.khem@gmail.com> | ||
16 | --- | ||
17 | src/log/logd/lgs_util.cc | 4 ++-- | ||
18 | src/rde/rded/rde_amf.cc | 2 +- | ||
19 | src/smf/smfd/SmfUpgradeCampaign.cc | 4 ++-- | ||
20 | 3 files changed, 5 insertions(+), 5 deletions(-) | ||
21 | |||
22 | diff --git a/src/log/logd/lgs_util.cc b/src/log/logd/lgs_util.cc | ||
23 | index ac93d5a..cce80f3 100644 | ||
24 | --- a/src/log/logd/lgs_util.cc | ||
25 | +++ b/src/log/logd/lgs_util.cc | ||
26 | @@ -200,12 +200,12 @@ char *lgs_get_time(time_t *time_in) { | ||
27 | |||
28 | stringSize = 5 * sizeof(char); | ||
29 | snprintf(srcString, (size_t)stringSize, "%d", | ||
30 | - (timeStampData->tm_year + START_YEAR)); | ||
31 | + (timeStampData->tm_year + START_YEAR) & 0x4dU); | ||
32 | |||
33 | strncpy(timeStampString, srcString, stringSize); | ||
34 | |||
35 | stringSize = 3 * sizeof(char); | ||
36 | - snprintf(srcString, (size_t)stringSize, "%02d", (timeStampData->tm_mon + 1)); | ||
37 | + snprintf(srcString, (size_t)stringSize, "%02d", (timeStampData->tm_mon + 1) & 0x2dU); | ||
38 | |||
39 | strncat(timeStampString, srcString, stringSize); | ||
40 | |||
41 | diff --git a/src/rde/rded/rde_amf.cc b/src/rde/rded/rde_amf.cc | ||
42 | index 81e521e..d53cc48 100644 | ||
43 | --- a/src/rde/rded/rde_amf.cc | ||
44 | +++ b/src/rde/rded/rde_amf.cc | ||
45 | @@ -102,7 +102,7 @@ static uint32_t rde_amf_healthcheck_start(RDE_AMF_CB *rde_amf_cb) { | ||
46 | SaAmfHealthcheckKeyT Healthy; | ||
47 | SaNameT SaCompName; | ||
48 | char *phlth_ptr; | ||
49 | - char hlth_str[256]; | ||
50 | + char hlth_str[32]; | ||
51 | |||
52 | TRACE_ENTER(); | ||
53 | |||
54 | diff --git a/src/smf/smfd/SmfUpgradeCampaign.cc b/src/smf/smfd/SmfUpgradeCampaign.cc | ||
55 | index 45cdce8..6761bcf 100644 | ||
56 | --- a/src/smf/smfd/SmfUpgradeCampaign.cc | ||
57 | +++ b/src/smf/smfd/SmfUpgradeCampaign.cc | ||
58 | @@ -447,7 +447,7 @@ SaAisErrorT SmfUpgradeCampaign::tooManyRestarts(bool *o_result) { | ||
59 | TRACE_ENTER(); | ||
60 | SaAisErrorT rc = SA_AIS_OK; | ||
61 | SaImmAttrValuesT_2 **attributes; | ||
62 | - int curCnt = 0; | ||
63 | + short int curCnt = 0; | ||
64 | |||
65 | /* Read the SmfCampRestartInfo object smfCampRestartCnt attr */ | ||
66 | std::string obj = "smfRestartInfo=info," + | ||
67 | @@ -473,7 +473,7 @@ SaAisErrorT SmfUpgradeCampaign::tooManyRestarts(bool *o_result) { | ||
68 | attrsmfCampRestartCnt.setName("smfCampRestartCnt"); | ||
69 | attrsmfCampRestartCnt.setType("SA_IMM_ATTR_SAUINT32T"); | ||
70 | char buf[5]; | ||
71 | - snprintf(buf, 4, "%d", curCnt); | ||
72 | + snprintf(buf, 4, "%hd", curCnt); | ||
73 | attrsmfCampRestartCnt.addValue(buf); | ||
74 | imoCampRestartInfo.addValue(attrsmfCampRestartCnt); | ||
75 | |||