mir/criu
2
0
Fork 0
mirror of https://github.com/checkpoint-restore/criu synced 2025-08-29 13:28:27 +00:00
Code Issues Releases Wiki Activity

files: link remap -- Fix potential buffer overrun

Browse Source 
If the former file had a path long enough to be near
PATH_MAX limit, sprintf'ing link_remap.%d here might
overrun the limit. Use snprintf instead.

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This commit is contained in:
Cyrill Gorcunov 2013-12-26 12:56:31 +04:00 committed by Pavel Emelyanov
parent 1c2b1633d9
commit c1fd865645
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
files-reg.c
View File

@ -379,7 +379,7 @@ static int create_link_remap(char *path, int len, int lfd, u32 *idp)
rfe.name = link_name + 1;
/* Any 'unique' name works here actually. Remap works by reg-file ids. */
sprintf(tmp + 1, "link_remap.%d", rfe.id);
snprintf(tmp + 1, sizeof(link_name) - (size_t)(tmp - link_name - 1), "link_remap.%d", rfe.id);
if (linkat(lfd, "", mntns_root, link_name, AT_EMPTY_PATH) < 0) {
pr_perror("Can't link remap to %s", path);