From patchwork Sun May 11 21:30:28 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Chuck Lever <chuck.lever@oracle.com>
X-Patchwork-Id: 347833
Return-Path: <fedfs-utils-devel-bounces@oss.oracle.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 78840140083
	for <incoming@patchwork.ozlabs.org>;
	Mon, 12 May 2014 07:30:38 +1000 (EST)
Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237])
	by userp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2)
	with ESMTP id s4BLUZHn028744
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK);
	Sun, 11 May 2014 21:30:36 GMT
Received: from oss.oracle.com (oss-external.oracle.com [137.254.96.51])
	by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id
	s4BLUYgM004090
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Sun, 11 May 2014 21:30:35 GMT
Received: from localhost ([127.0.0.1] helo=oss.oracle.com)
	by oss.oracle.com with esmtp (Exim 4.63)
	(envelope-from <fedfs-utils-devel-bounces@oss.oracle.com>)
	id 1WjbKM-0004He-RJ; Sun, 11 May 2014 14:30:34 -0700
Received: from ucsinet22.oracle.com ([156.151.31.94])
	by oss.oracle.com with esmtp (Exim 4.63)
	(envelope-from <chucklever@gmail.com>) id 1WjbKK-0004HO-1U
	for fedfs-utils-devel@oss.oracle.com; Sun, 11 May 2014 14:30:32 -0700
Received: from userp1030.oracle.com (userp1030.oracle.com [156.151.31.80])
	by ucsinet22.oracle.com (8.14.5+Sun/8.14.5) with ESMTP id
	s4BLUVT1025681
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL)
	for <fedfs-utils-devel@oss.oracle.com>; Sun, 11 May 2014 21:30:31 GMT
Received: from mail-ig0-f178.google.com (mail-ig0-f178.google.com
	[209.85.213.178])
	by userp1030.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with
	ESMTP id s4BLUUMg018855
	(version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=OK)
	for <fedfs-utils-devel@oss.oracle.com>; Sun, 11 May 2014 21:30:31 GMT
Authentication-Results: userp1030.oracle.com; dkim=pass
	reason="2048-bit key" header.d=gmail.com header.i=@gmail.com
	header.b=GfTe5uFH
Received: by mail-ig0-f178.google.com with SMTP id hl10so3087935igb.11
	for <fedfs-utils-devel@oss.oracle.com>;
	Sun, 11 May 2014 14:30:30 -0700 (PDT)
X-Received: by 10.50.20.8 with SMTP id j8mr19897461ige.17.1399843830450;
	Sun, 11 May 2014 14:30:30 -0700 (PDT)
Received: from seurat.1015granger.net
	([2604:8800:100:81fc:20c:29ff:fe44:ec31])
	by mx.google.com with ESMTPSA id
	m8sm16905862igx.9.2014.05.11.14.30.29
	for <fedfs-utils-devel@oss.oracle.com>
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Sun, 11 May 2014 14:30:29 -0700 (PDT)
To: fedfs-utils-devel@oss.oracle.com
From: Chuck Lever <chuck.lever@oracle.com>
Date: Sun, 11 May 2014 17:30:28 -0400
Message-ID: <20140511213028.13852.83986.stgit@seurat.1015granger.net>
In-Reply-To: <20140511212416.13852.92639.stgit@seurat.1015granger.net>
References: <20140511212416.13852.92639.stgit@seurat.1015granger.net>
User-Agent: StGit/0.16
MIME-Version: 1.0
X-Flow-Control-Info: class=Pass-to-MM reputation=ipRisk-All ip=209.85.213.178
	ct-class=R5 ct-vol1=-98 ct-vol2=8 ct-vol3=7 ct-risk=48
	ct-spam1=77 ct-spam2=7 ct-bulk=6 rcpts=1 size=634
X-Sendmail-CM-Score: 0.00%
X-Sendmail-CM-Analysis: v=2.1 cv=CYoxutbl c=1 sm=1 tr=0
	a=JgEN6Axa/wLaDsLOUMemmg==:117 a=dzsqy3y4QnMA:10
	a=S-B-PQuzZfoA:10 a=dPGociXpb70A:10 a=IkcTkHD0fZMA:10
	a=xqWC_Br6kY4A:10 a=yPCof4ZbAAAA:8 a=Lb1rMZzfAAAA:8
	a=1XWaLZrsAAAA:8 a=61s-_B3wMjQXHvi_aW0A:9 a=QEXdDO
	2ut3YA:10 a=7DSvI1NPTFQA:10
X-Sendmail-CT-RefID: str=0001.0A090207.536FEBF7.0051, ss=1, re=0.000,
	recu=0.000, reip=0.000, cl=1, cld=1, fgs=0
X-Sendmail-CT-Classification: not spam
Subject: [fedfs-utils] [PATCH 17/17] nfsref: Avoid buffer overrun in nfsref
	command
X-BeenThere: fedfs-utils-devel@oss.oracle.com
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: fedfs-utils Developers <fedfs-utils-devel@oss.oracle.com>
List-Id: fedfs-utils Developers <fedfs-utils-devel.oss.oracle.com>
List-Unsubscribe: <https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel>,
	<mailto:fedfs-utils-devel-request@oss.oracle.com?subject=unsubscribe>
List-Archive: <http://oss.oracle.com/pipermail/fedfs-utils-devel>
List-Post: <mailto:fedfs-utils-devel@oss.oracle.com>
List-Help: <mailto:fedfs-utils-devel-request@oss.oracle.com?subject=help>
List-Subscribe: <https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel>,
	<mailto:fedfs-utils-devel-request@oss.oracle.com?subject=subscribe>
Sender: fedfs-utils-devel-bounces@oss.oracle.com
Errors-To: fedfs-utils-devel-bounces@oss.oracle.com
X-Source-IP: acsinet21.oracle.com [141.146.126.237]

Fixes: 04a9ffdfdb3ae73724b4293eade7d7c9dc342d8f
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
 src/nfsref/add.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/nfsref/add.c b/src/nfsref/add.c
index 52974c9..f18f339 100644
--- a/src/nfsref/add.c
+++ b/src/nfsref/add.c
@@ -311,7 +311,8 @@ nfsref_add_nfs_fsl_defaults(const char *server, const char *rootpath,
 {
 	FedFsStatus retval;
 
-	/* XXX: check the server hostname length */
+	if (strlen(server) >= sizeof(new->fn_fslhost))
+		return FEDFS_ERR_NAMETOOLONG;
 	strcpy(new->fn_fslhost, server);
 	new->fn_fslport = 0;