d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix coverity defects: CID 147587

Browse Source 
CID 147587: Out-of-bounds read

Future changes may cause an array overrun of 4096 bytes at byte
offset 4096 by dereferencing pointer dstp.  Adding this additional
check ensures correctness.

Reviewed-by: Chunwei Chen <david.chen@osnexus.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: GeLiXin <ge.lixin@zte.com.cn>
Closes #5297
This commit is contained in:
GeLiXin 2016-12-22 03:27:24 +08:00 committed by Brian Behlendorf
parent 53ed2db212
commit 547c593661
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cmd/zed/zed_event.c
View File

@ -264,6 +264,13 @@ _zed_event_add_var(uint64_t eid, zed_strings_t *zsp,
*dstp++ = '='; *dstp++ = '=';
buflen--; buflen--;
if (buflen <= 0) {
errno = EMSGSIZE;
zed_log_msg(LOG_WARNING, "Failed to add %s for eid=%llu: %s",
keybuf, eid, "Exceeded buffer size");
return (-1);
}
va_start(vargs, fmt); va_start(vargs, fmt);
n = vsnprintf(dstp, buflen, fmt, vargs); n = vsnprintf(dstp, buflen, fmt, vargs);
va_end(vargs); va_end(vargs);