nfs-utils/SOURCES/nfs-utils-1.3.0-exportfs-bufsiz.patch - backupdr - Git at Google

 diff -up nfs-utils-1.3.0/utils/exportfs/exportfs.c.orig nfs-utils-1.3.0/utils/exportfs/exportfs.c
 --- nfs-utils-1.3.0/utils/exportfs/exportfs.c.orig	2016-05-03 11:06:55.925043000 -0400
 +++ nfs-utils-1.3.0/utils/exportfs/exportfs.c	2016-05-03 11:11:58.680677000 -0400
 @@ -508,9 +508,10 @@ unexportfs(char *arg, int verbose)

  static int can_test(void)
  {
 -	char buf[1024];
 +	char buf[1024] = { 0 };
  	int fd;
  	int n;
 +	size_t bufsiz = sizeof(buf);

  	fd = open("/proc/net/rpc/auth.unix.ip/channel", O_WRONLY);
  	if (fd < 0)
 @@ -523,9 +524,9 @@ static int can_test(void)
  	 * commit 2f74f972  (sunrpc: prepare NFS for 2038).
  	 */
  	if (time(NULL) > INT_TO_LONG_THRESHOLD_SECS)
 -		sprintf(buf, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX);
 +		snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX);
  	else
 -		sprintf(buf, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX);
 +		snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX);

  	n = write(fd, buf, strlen(buf));
  	close(fd);
 @@ -541,7 +542,8 @@ static int can_test(void)

  static int test_export(char *path, int with_fsid)
  {
 -	char buf[1024];
 +	/* beside max path, buf size should take protocol str into account */
 +	char buf[NFS_MAXPATHLEN+1+64] = { 0 };
  	char *bp = buf;
  	int len = sizeof(buf);
  	int fd, n;
 @@ -766,7 +768,8 @@ dumpopt(char c, char *fmt, ...)
  static void
  dump(int verbose, int export_format)
  {
 -	char buf[1024];
 +	/* buf[] size should >= sizeof(struct exportent->e_path) */
 +	char buf[NFS_MAXPATHLEN+1] = { 0 };
  	char *bp;
  	int len;
  	nfs_export	*exp;
	diff -up nfs-utils-1.3.0/utils/exportfs/exportfs.c.orig nfs-utils-1.3.0/utils/exportfs/exportfs.c
	--- nfs-utils-1.3.0/utils/exportfs/exportfs.c.orig 2016-05-03 11:06:55.925043000 -0400
	+++ nfs-utils-1.3.0/utils/exportfs/exportfs.c 2016-05-03 11:11:58.680677000 -0400
	@@ -508,9 +508,10 @@ unexportfs(char *arg, int verbose)

	static int can_test(void)
	{
	- char buf[1024];
	+ char buf[1024] = { 0 };
	int fd;
	int n;
	+ size_t bufsiz = sizeof(buf);

	fd = open("/proc/net/rpc/auth.unix.ip/channel", O_WRONLY);
	if (fd < 0)
	@@ -523,9 +524,9 @@ static int can_test(void)
	* commit 2f74f972 (sunrpc: prepare NFS for 2038).
	*/
	if (time(NULL) > INT_TO_LONG_THRESHOLD_SECS)
	- sprintf(buf, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX);
	+ snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %ld -test-client-\n", LONG_MAX);
	else
	- sprintf(buf, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX);
	+ snprintf(buf, bufsiz-1, "nfsd 0.0.0.0 %d -test-client-\n", INT_MAX);

	n = write(fd, buf, strlen(buf));
	close(fd);
	@@ -541,7 +542,8 @@ static int can_test(void)

	static int test_export(char *path, int with_fsid)
	{
	- char buf[1024];
	+ /* beside max path, buf size should take protocol str into account */
	+ char buf[NFS_MAXPATHLEN+1+64] = { 0 };
	char *bp = buf;
	int len = sizeof(buf);
	int fd, n;
	@@ -766,7 +768,8 @@ dumpopt(char c, char *fmt, ...)
	static void
	dump(int verbose, int export_format)
	{
	- char buf[1024];
	+ /* buf[] size should >= sizeof(struct exportent->e_path) */
	+ char buf[NFS_MAXPATHLEN+1] = { 0 };
	char *bp;
	int len;
	nfs_export *exp;