From patchwork Mon May 19 16:39:30 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Chuck Lever <chuck.lever@oracle.com>
X-Patchwork-Id: 350324
Return-Path: <fedfs-utils-devel-bounces@oss.oracle.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 6FD53140091
	for <incoming@patchwork.ozlabs.org>;
	Tue, 20 May 2014 02:41:00 +1000 (EST)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238])
	by aserp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2)
	with ESMTP id s4JGdvea011403
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK);
	Mon, 19 May 2014 16:39:57 GMT
Received: from oss.oracle.com (oss-external.oracle.com [137.254.96.51])
	by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id
	s4JGduN3019198
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Mon, 19 May 2014 16:39:56 GMT
Received: from localhost ([127.0.0.1] helo=oss.oracle.com)
	by oss.oracle.com with esmtp (Exim 4.63)
	(envelope-from <fedfs-utils-devel-bounces@oss.oracle.com>)
	id 1WmQbU-0000ZE-K7; Mon, 19 May 2014 09:39:56 -0700
Received: from acsinet22.oracle.com ([141.146.126.238])
	by oss.oracle.com with esmtp (Exim 4.63)
	(envelope-from <chucklever@gmail.com>) id 1WmQb9-0000YL-W0
	for fedfs-utils-devel@oss.oracle.com; Mon, 19 May 2014 09:39:36 -0700
Received: from userp1030.oracle.com (userp1030.oracle.com [156.151.31.80])
	by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id
	s4JGdZY7018339
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
	for <fedfs-utils-devel@oss.oracle.com>; Mon, 19 May 2014 16:39:35 GMT
Received: from mail-ie0-f179.google.com (mail-ie0-f179.google.com
	[209.85.223.179])
	by userp1030.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with
	ESMTP id s4JGdYte020890
	(version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=OK)
	for <fedfs-utils-devel@oss.oracle.com>; Mon, 19 May 2014 16:39:34 GMT
Authentication-Results: userp1030.oracle.com; dkim=pass
	reason="2048-bit key" header.d=gmail.com header.i=@gmail.com
	header.b=Hd3FFydX
Received: by mail-ie0-f179.google.com with SMTP id rd18so2416341iec.38
	for <fedfs-utils-devel@oss.oracle.com>;
	Mon, 19 May 2014 09:39:33 -0700 (PDT)
X-Received: by 10.50.50.231 with SMTP id f7mr18261553igo.42.1400517573843;
	Mon, 19 May 2014 09:39:33 -0700 (PDT)
Received: from seurat.1015granger.net
	([2604:8800:100:81fc:20c:29ff:fe44:ec31])
	by mx.google.com with ESMTPSA id
	z4sm22099511igl.13.2014.05.19.09.39.32
	for <fedfs-utils-devel@oss.oracle.com>
	(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Mon, 19 May 2014 09:39:32 -0700 (PDT)
To: fedfs-utils-devel@oss.oracle.com
From: Chuck Lever <chuck.lever@oracle.com>
Date: Mon, 19 May 2014 12:39:30 -0400
Message-ID: <20140519163930.13956.20167.stgit@seurat.1015granger.net>
In-Reply-To: <20140519163049.13956.70350.stgit@seurat.1015granger.net>
References: <20140519163049.13956.70350.stgit@seurat.1015granger.net>
User-Agent: StGit/0.16
MIME-Version: 1.0
X-Flow-Control-Info: class=Pass-to-MM reputation=ipRisk-All ip=209.85.223.179
	ct-class=R4 ct-vol1=-96 ct-vol2=8 ct-vol3=7 ct-risk=35
	ct-spam1=50 ct-spam2=7 ct-bulk=6 rcpts=1 size=2530
X-Sendmail-CM-Score: 0.00%
X-Sendmail-CM-Analysis: v=2.1 cv=NtPoLatJ c=1 sm=1 tr=0
	a=LFjR4rNE8MGwP7hykJJA8w==:117 a=dzsqy3y4QnMA:10
	a=NimpIjKZTo0A:10 a=dPGociXpb70A:10 a=IkcTkHD0fZMA:10
	a=xqWC_Br6kY4A:10 a=yPCof4ZbAAAA:8 a=Lb1rMZzfAAAA:8
	a=1XWaLZrsAAAA:8 a=TmoVFHvFo9gga2LrfbsA:9 a=QEXdDO
	2ut3YA:10 a=7DSvI1NPTFQA:10
X-Sendmail-CT-RefID: str=0001.0A090204.537A33C6.03FC, ss=1, re=0.000,
	recu=0.000, reip=0.000, cl=1, cld=1, fgs=0
X-Sendmail-CT-Classification: not spam
Subject: [fedfs-utils] [PATCH 1/3] nsdbc: Stronger sanity-checking for
	incoming UUIDs
X-BeenThere: fedfs-utils-devel@oss.oracle.com
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: fedfs-utils Developers <fedfs-utils-devel@oss.oracle.com>
List-Id: fedfs-utils Developers <fedfs-utils-devel.oss.oracle.com>
List-Unsubscribe: <https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel>,
	<mailto:fedfs-utils-devel-request@oss.oracle.com?subject=unsubscribe>
List-Archive: <http://oss.oracle.com/pipermail/fedfs-utils-devel>
List-Post: <mailto:fedfs-utils-devel@oss.oracle.com>
List-Help: <mailto:fedfs-utils-devel-request@oss.oracle.com?subject=help>
List-Subscribe: <https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel>,
	<mailto:fedfs-utils-devel-request@oss.oracle.com?subject=subscribe>
Sender: fedfs-utils-devel-bounces@oss.oracle.com
Errors-To: fedfs-utils-devel-bounces@oss.oracle.com
X-Source-IP: acsinet22.oracle.com [141.146.126.238]

The nsdb-create-fsl command copies command line arguments into
pre-allocated buffers.

Fixes: 04e2508557766ca65d684f82dbbc0d1c1a833a9f
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
 src/nsdbc/nsdb-create-fsl.c |   20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-)

diff --git a/src/nsdbc/nsdb-create-fsl.c b/src/nsdbc/nsdb-create-fsl.c
index b30ec5df92b0..476749612a18 100644
--- a/src/nsdbc/nsdb-create-fsl.c
+++ b/src/nsdbc/nsdb-create-fsl.c
@@ -105,9 +105,10 @@ nsdb_create_fsl_usage(const char *progname)
 int
 main(int argc, char **argv)
 {
-	char *nce, *fsn_uuid, *fsl_uuid, *servername, *serverpath;
+	char *nce, *servername, *serverpath;
 	char *progname, *binddn, *nsdbname;
 	unsigned short nsdbport, serverport;
+	uuid_t fsn_uu, fsl_uu;
 	struct fedfs_fsl *fsl;
 	FedFsStatus retval;
 	nsdb_t host;
@@ -169,14 +170,11 @@ main(int argc, char **argv)
 		}
 	}
 	if (argc == optind + 4) {
-		uuid_t uu;
-		fsn_uuid = argv[optind];
-		if (uuid_parse(fsn_uuid, uu) == -1) {
+		if (uuid_parse(argv[optind], fsn_uu) == -1) {
 			fprintf(stderr, "Invalid FSN UUID was specified\n");
 			nsdb_create_fsl_usage(progname);
 		}
-		fsl_uuid = argv[optind + 1];
-		if (uuid_parse(fsl_uuid, uu) == -1) {
+		if (uuid_parse(argv[optind + 1], fsl_uu) == -1) {
 			fprintf(stderr, "Invalid FSL UUID was specified\n");
 			nsdb_create_fsl_usage(progname);
 		}
@@ -202,8 +200,8 @@ main(int argc, char **argv)
 		fprintf(stderr, "Failed to allocate FSL\n");
 		goto out;
 	}
-	strcpy(fsl->fl_fsluuid, fsl_uuid);
-	strcpy(fsl->fl_fsnuuid, fsn_uuid);
+	uuid_unparse(fsn_uu, fsl->fl_fsnuuid);
+	uuid_unparse(fsl_uu, fsl->fl_fsluuid);
 
 	retval = FEDFS_ERR_NAMETOOLONG;
 	if (strlen(servername) >= sizeof(fsl->fl_u.fl_nfsfsl.fn_fslhost)) {
@@ -285,7 +283,7 @@ main(int argc, char **argv)
 	switch (retval) {
 	case FEDFS_OK:
 		printf("Successfully created FSL record for %s under %s\n",
-				fsl_uuid, nce);
+				fsl->fl_fsluuid, nce);
 		break;
 	case FEDFS_ERR_NSDB_NONCE:
 		if (nce == NULL)
@@ -306,12 +304,12 @@ main(int argc, char **argv)
 			break;
 		default:
 			fprintf(stderr, "Failed to create FSL %s: %s\n",
-				fsl_uuid, nsdb_ldaperr2string(host));
+				fsl->fl_fsluuid, nsdb_ldaperr2string(host));
 		}
 		break;
 	default:
 		fprintf(stderr, "Failed to create FSL %s: %s\n",
-			fsl_uuid, nsdb_display_fedfsstatus(retval));
+			fsl->fl_fsluuid, nsdb_display_fedfsstatus(retval));
 	}
 
 	nsdb_close_nsdb(host);