[prev in list] [next in list] [prev in thread] [next in thread]
List: ltp-list
Subject: [LTP] [PATCH] Fix potential overflows in sched_tc4 and sched_driver
From: Daniel Gollub <dgollub () suse ! de>
Date: 2008-10-22 21:40:03
Message-ID: 200810222340.03981.dgollub () suse ! de
[Download RAW message or body]
Hi,
please find attached a fix for potential overflows in sched_tc4 and sched_driver.
sched_tc4:
RAWDEV could be much large then 16 chars - e.g. /dev/cciss/c0d0p6 (18)
(only use of RAWDEV in entire sched_stress module)
sched_driver:
pathname could be much large then 50 - increased to PATH_MAX.
Problem observed and original fixed by Yi Xu.
Patch got slightly cleaned-up/modified.
Reviewed-by: Daniel Gollub <dgollub@suse.de>
Signed-off-by: Daniel Gollub <dgollub@suse.de>
---
testcases/kernel/sched/sched_stress/sched_driver.c | 3 ++-
testcases/kernel/sched/sched_stress/sched_tc4.c | 8 +++-----
2 files changed, 5 insertions(+), 6 deletions(-)
Index: testcases/kernel/sched/sched_stress/sched_driver.c
===================================================================
--- testcases/kernel/sched/sched_stress/sched_driver.c.orig
+++ testcases/kernel/sched/sched_stress/sched_driver.c
@@ -69,6 +69,7 @@
#include <signal.h>
#include <pwd.h>
#include <time.h>
+#include <limits.h>
#include "sched.h"
/*
@@ -421,7 +422,7 @@ char *name, /* filename of testcase
*param3; /* if sched_tc6: fork flag, 0=false, 1=true */
float *t2; /* if sched_tc6: second time returned from testcase */
{
- char temp[50], /* holds pathname and returned floating number */
+ char temp[PATH_MAX], /* holds pathname and returned floating number */
t2asc[50]; /* holds second returned floating number */
int saved_pid; /* process id of forked process */
FILE *datafile; /* file pointer for temporary file */
Index: testcases/kernel/sched/sched_stress/sched_tc4.c
===================================================================
--- testcases/kernel/sched/sched_stress/sched_tc4.c.orig
+++ testcases/kernel/sched/sched_stress/sched_tc4.c
@@ -189,13 +189,11 @@ void read_raw_device()
int i; /* loop counter */
int blocks=0; /* number of blocks read */
#ifndef __linux__
- static char raw_dev[16] = "/dev/hd2"; /* name of raw device file */
+ char raw_dev[50] = "/dev/hd2"; /* name of raw device file */
#else
- static char raw_dev[16]; /* name of raw device file */
+ char *raw_dev; /* name of raw device file */
- if (getenv("RAWDEV"))
- sprintf(raw_dev, "%s", getenv("RAWDEV"));
- else
+ if ((raw_dev = getenv("RAWDEV")) == NULL)
{
errno = ENODATA;
sys_error("environment variable RAWDEV not set", __FILE__,__LINE__);
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Ltp-list mailing list
Ltp-list@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ltp-list
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic