[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 2/3] hw/9pfs/virtio-9p-local.c: use snprintf() i
From: |
Chen Gang |
Subject: |
Re: [Qemu-devel] [PATCH 2/3] hw/9pfs/virtio-9p-local.c: use snprintf() instead of sprintf() |
Date: |
Tue, 04 Mar 2014 08:38:20 +0800 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0 |
On 03/03/2014 10:42 PM, Markus Armbruster wrote:
> Chen Gang <address@hidden> writes:
>
>> On 03/03/2014 04:34 PM, Markus Armbruster wrote:
>>> Turns a buffer overrun bug into a truncation bug. The next commit fixes
>>> truncation bugs including this one. Would be nice to spell this out in
>>> the commit message. Perhaps Aneesh can do it on commit.
>>>
[...]
>>
>> Please help doing it on commit.
>
[...]
> If you respin your series anyway, simply improve your commit message.
> Something like this would do:
>
> hw/9pfs: Fix buffer overrun in local_remove(), local_unlinkat()
>
> When 'ctx->fs_root' + 'path'/'fullname.data' is larger than
> PATH_MAX, we overrunning a buffer, smashing the stack.
>
> Fix by switching from sprintf() to snprintf(). Turns the buffer
> overrun bugs into truncation bugs. The next commit will fix them
> along with similar truncation bugs elsewhere in 9pfs.
>
OK, thank you for your details information.
And I guess, at present, I need not send patch v2 for this series
(Aneesh has helped done for them).
Thanks.
--
Chen Gang
Open, share, and attitude like air, water, and life which God blessed
- [Qemu-devel] [PATCH 2/3] hw/9pfs/virtio-9p-local.c: use snprintf() instead of sprintf(), (continued)
- Re: [Qemu-devel] [PATCH 2/3] hw/9pfs/virtio-9p-local.c: use snprintf() instead of sprintf(), Markus Armbruster, 2014/03/03
- Re: [Qemu-devel] [PATCH 2/3] hw/9pfs/virtio-9p-local.c: use snprintf() instead of sprintf(), Chen Gang, 2014/03/03
- Re: [Qemu-devel] [PATCH 2/3] hw/9pfs/virtio-9p-local.c: use snprintf() instead of sprintf(), Markus Armbruster, 2014/03/03
- Re: [Qemu-devel] [PATCH 2/3] hw/9pfs/virtio-9p-local.c: use snprintf() instead of sprintf(),
Chen Gang <=
- Re: [Qemu-devel] [PATCH 2/3] hw/9pfs/virtio-9p-local.c: use snprintf() instead of sprintf(), Aneesh Kumar K.V, 2014/03/03
- Re: [Qemu-devel] [PATCH 2/3] hw/9pfs/virtio-9p-local.c: use snprintf() instead of sprintf(), Aneesh Kumar K.V, 2014/03/03
Re: [Qemu-devel] [PATCH 1/3] hw/9pfs/virtio-9p-local.c: move v9fs_string_free() to below "err_out:", Aneesh Kumar K.V, 2014/03/03
Re: [Qemu-devel] [PATCH 0/3] hw/9pfs: fix 3 issues which related with path string, Eric Blake, 2014/03/03