Patchwork [11/15] fedfsc: utf8string's are not NUL-terminated

Submitter Chuck Lever
Date Oct. 25, 2011, 4:49 p.m.
Message ID <20111025164956.18584.57196.stgit@seurat.1015granger.net>
Permalink /patch/121754/
State Accepted

Comments

Chuck Lever - Oct. 25, 2011, 4:49 p.m.
Take care when printing utf8strings.  They are not NUL-terminated.
Even if there is a NUL character after the string, it was not
allocated by malloc(3), so allowing printf("%s") to walk down these
strings until it finds a NUL will cause it to run into bad memory.

The solution to this is to ensure a printf precision formatter is
always used when displaying utf8string data.
---

 src/fedfsc/fedfs-lookup-junction.c    |   12 ++++++++----
 src/fedfsc/fedfs-lookup-replication.c |   12 ++++++++----
 2 files changed, 16 insertions(+), 8 deletions(-)

Patch

diff --git a/src/fedfsc/fedfs-lookup-junction.c b/src/fedfsc/fedfs-lookup-junction.c
index 365ff43..db224ee 100644
--- a/src/fedfsc/fedfs-lookup-junction.c
+++ b/src/fedfsc/fedfs-lookup-junction.c
@@ -130,8 +130,10 @@  fedfs_lookup_junction_print_nsdbname(const char *pre_text,
 		printf("%s: NSDB name was empty\n", pre_text);
 		return;
 	}
-	printf("%s: %s:%u\n", pre_text,
-		nsdbname.hostname.utf8string_val, nsdbname.port);
+	printf("%s: %.*s:%u\n", pre_text,
+		nsdbname.hostname.utf8string_len,
+		nsdbname.hostname.utf8string_val,
+		nsdbname.port);
 }
 
 static void
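Review bot: The `*` precision in `%.*s` must be an `int`, but `nsdbname.hostname.utf8string_len` is passed uncast and is presumably the unsigned length field of an rpcgen-generated counted string (its declaration is not visible here). A negative precision is treated by printf as if none were given, so a length above INT_MAX would bring back the unbounded walk this patch removes. I would reject oversized lengths before printing and cast explicitly, e.g. `if (nsdbname.hostname.utf8string_len > INT_MAX) return;` followed by `(int)nsdbname.hostname.utf8string_len` in the call. The same applies to the `fsl.hostname` printf in the next hunk and to both printf calls in fedfs-lookup-replication.c. The function body starts outside this hunk.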
@@ -151,8 +153,10 @@  fedfs_lookup_junction_print_nfs_fsl(FedFsNfsFsl fsl)
 	if (fsl.hostname.utf8string_val == NULL)
 		printf(" FSL hostname: empty\n");
 	else
-		printf(" FSL hostname: %s:%u\n", fsl.hostname.utf8string_val,
-								fsl.port);
+		printf(" FSL hostname: %.*s:%u\n",
+			fsl.hostname.utf8string_len,
+			fsl.hostname.utf8string_val,
+			fsl.port);
 	status = nsdb_fedfspathname_to_posix(fsl.path, &pathname);
 	if (status != FEDFS_OK)
 		printf(" Returned NFS export pathname was invalid: %s\n",
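Review bot: The bytes in `fsl.hostname.utf8string_val` are written to stdout unfiltered, and `%.*s` bounds only the length of the read. If this value comes from the remote server's reply, which the hunk does not show, it may contain control or escape bytes that reach the operator's terminal. An embedded NUL would also cut the output short without any indication. Consider printing through a small loop that replaces bytes failing `isprint((unsigned char)c)` with a placeholder such as `?`. The function continues past the end of this hunk.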
diff --git a/src/fedfsc/fedfs-lookup-replication.c b/src/fedfsc/fedfs-lookup-replication.c
index 2de129b..c0cd64d 100644
--- a/src/fedfsc/fedfs-lookup-replication.c
+++ b/src/fedfsc/fedfs-lookup-replication.c
@@ -130,8 +130,10 @@  fedfs_lookup_replication_print_nsdbname(const char *pre_text,
 		printf("%s: NSDB name was empty\n", pre_text);
 		return;
 	}
-	printf("%s: %s:%u\n", pre_text, nsdbname.hostname.utf8string_val,
-								nsdbname.port);
+	printf("%s: %.*s:%u\n", pre_text,
+		nsdbname.hostname.utf8string_len,
+		nsdbname.hostname.utf8string_val,
+		nsdbname.port);
 }
 
 static void
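Review bot: This printf is now the same as the one in `fedfs_lookup_junction_print_nsdbname`, and the two `print_nfs_fsl` call sites match each other in the same way. The "always use a precision" rule from the commit message is therefore repeated by hand in four places. A single shared helper for printing a utf8string would keep the length handling in one spot, so a later call site cannot fall back to plain `%s`. I would document it with a comment such as `/* utf8string is counted, not NUL-terminated: never print with bare %s */`. The function body starts outside this hunk.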
@@ -151,8 +153,10 @@  fedfs_lookup_replication_print_nfs_fsl(FedFsNfsFsl fsl)
 	if (fsl.hostname.utf8string_val == NULL)
 		printf("FSL hostname: empty\n");
 	else
-		printf("FSL hostname: %s:%u\n", fsl.hostname.utf8string_val,
-								fsl.port);
+		printf("FSL hostname: %.*s:%u\n",
+			fsl.hostname.utf8string_len,
+			fsl.hostname.utf8string_val,
+			fsl.port);
 	status = nsdb_fedfspathname_to_posix(fsl.path, &pathname);
 	if (status != FEDFS_OK)
 		printf("Returned NFS export pathname was invalid: %s\n",