Fix: illegal memory access in write_pidfile
authorMathieu Desnoyers <mathieu.desnoyers@efficios.com>
Tue, 17 May 2016 01:42:52 +0000 (21:42 -0400)
committerJérémie Galarneau <jeremie.galarneau@efficios.com>
Tue, 17 May 2016 04:29:44 +0000 (00:29 -0400)
Found by Coverity:
CID 1243023 (#1 of 1): Buffer not null terminated
(BUFFER_SIZE_WARNING)3. buffer_size_warning: Calling strncpy with a
maximum size argument of 4096 bytes on destination array pidfile_path of
size 4096 bytes might leave the destination string unterminated.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
src/bin/lttng-sessiond/main.c

index d94dbd7908fb33b35fea1ba9349c2c56d8c43c2e..6081fb2b026818b43c60302d1e9d60a316336300 100644 (file)
@@ -5443,7 +5443,10 @@ static int write_pidfile(void)
        assert(rundir);
 
        if (opt_pidfile) {
-               strncpy(pidfile_path, opt_pidfile, sizeof(pidfile_path));
+               if (lttng_strncpy(pidfile_path, opt_pidfile, sizeof(pidfile_path))) {
+                       ret = -1;
+                       goto error;
+               }
        } else {
                /* Build pidfile path from rundir and opt_pidfile. */
                ret = snprintf(pidfile_path, sizeof(pidfile_path), "%s/"
This page took 0.030283 seconds and 4 git commands to generate.