fix dev_name stack overflow using fscanf

vegbir 2022-03-02 14:28:18 +08:00
parent e54fbf1e86
commit b6b22c6d79
2 changed files with 46 additions and 1 deletions


@ -0,0 +1,41 @@
From 89b2479830756188cfe81cbe34fbb83a33e67dfd Mon Sep 17 00:00:00 2001
From: yangjiaqi <yangjiaqi16@huawei.com>
Date: Wed, 2 Mar 2022 14:20:40 +0800
Subject: [PATCH] fix dev_name stack overflow
---
src/proc_fuse.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/proc_fuse.c b/src/proc_fuse.c
index 0f66c40..a1c0265 100644
--- a/src/proc_fuse.c
+++ b/src/proc_fuse.c
@@ -497,7 +497,7 @@ struct devinfo* container_dev_read(pid_t pid) {
struct dirent *ptr;
struct stat dev_stat;
struct devinfo *head = NULL, *end;
- char fpath[100], dev_name[100];
+ char fpath[100], dev_name[101];
pid_t child_pid;
int mypipe[2];
int dev_num;
@@ -574,6 +574,7 @@ child_out:
}
wait_for_pid(child_pid);
child_pid = 0;
+ memset(dev_name, 0, sizeof(dev_name));
while (fscanf(stream, "%100s%d", dev_name, &dev_num) == 2) {
if (dev_num == 0) {
break;
@@ -593,6 +594,7 @@ child_out:
end->name = must_copy_string(dev_name);
end->major = major(dev_num);
end->minor = minor(dev_num);
+ memset(dev_name, 0, sizeof(dev_name));
}
err:
if (stream)
--
2.32.0 (Apple Git-132)
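Review bot: In the embedded patch for src/proc_fuse.c, the `%100s` width in the `fscanf` call and the new `dev_name[101]` size are kept in step only by two separate literals, so a later edit to either one silently reintroduces the one-byte overflow this commit fixes. A comment at the declaration such as `/* 100 chars for "%100s" plus the NUL; keep in sync with the fscanf width */`, or a shared constant, would pin that relationship. A device name longer than 100 characters is still truncated, after which the `%d` conversion presumably fails on the leftover text and the loop ends without any indication that later devices were dropped; a check after the loop would make that case visible. The two added `memset` calls are not needed for termination, since `%s` always writes a terminating NUL. The body of container_dev_read starts and ends outside the hunks shown.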


@ -4,7 +4,7 @@
#Basic Information
Name: lxcfs
Version: 4.0.11
Release: 2
Release: 3
Summary: FUSE filesystem for LXC
License: LGPL 2.1+
URL: http://linuxcontainers.org
@ -28,6 +28,7 @@ Patch9015: 0015-lxcfs-adapt-4.18-kernel.patch
Patch9016: 0016-remove-lxcfs-tools-dependency-for-common-use.patch
Patch9017: 0017-proc_fuse-fix-wait-child-process-hang.patch
Patch9018: 0018-fix-deadlock-problem-when-subprocess-exit.patch
Patch9019: 0019-fix-dev_name-stack-overflow.patch
#Dependency
BuildRequires: autoconf automake libtool help2man
@ -89,6 +90,9 @@ fi
%{_unitdir}/*
%changelog
* Wed Mar 02 2022 yangjiaqi <yangjiaqi16@huawei.com> - 4.0.11-3
- fix dev_name stack overflow when using fscanf
* Fri Dec 17 2021 yangjiaqi <yangjiaqi16@huawei.com> - 4.0.11-2
- fix deadlock caused by subprocess calling lxcfs_exit