mir/criu
2
0
Fork 0
mirror of https://github.com/checkpoint-restore/criu synced 2025-09-03 15:55:53 +00:00
Code Issues Releases Wiki Activity

lib: don't copy more than the buffer size

Browse Source 
CID 1141012 (#1 of 1): Copy into fixed size buffer (STRING_OVERFLOW)
2. fixed_size_dest: You might overrun the 108 byte fixed-size string
"addr.sun_path" by copying "service_address" without checking the
length.

Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This commit is contained in:
Andrey Vagin
2013-12-23 13:53:53 +04:00
committed by Pavel Emelyanov
parent d4df900236
commit ad0249f649
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/criu.c
View File

@@ -161,7 +161,7 @@ static int criu_connect(void)
memset(&addr, 0, sizeof(addr)); memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_LOCAL; addr.sun_family = AF_LOCAL;
strcpy(addr.sun_path, service_address); strncpy(addr.sun_path, service_address, sizeof(addr.sun_path));
addr_len = strlen(addr.sun_path) + sizeof(addr.sun_family); addr_len = strlen(addr.sun_path) + sizeof(addr.sun_family);