From ee78a83b5e72887ee40d18d82a750258e6939817 Mon Sep 17 00:00:00 2001 From: Petros Angelatos Date: Tue, 22 Mar 2016 03:40:29 -0700 Subject: btrfs-progs: utils: make sure set_label_mounted uses correct length buffers When `btrfs filesystem label /foo bar` command is invoked, it will pass the buffer allocated in the argv array directly to set_label_mounted() and then to the BTRFS_IOC_SET_FSLABEL ioctl. However, the kernel code handling the ioctl will always try to copy BTRFS_LABEL_SIZE bytes[1] from the userland pointer. Under certain conditions and when the label is small enough, the command will fail with: [root@localhost /]# btrfs filesystem label /mnt f ERROR: unable to set label Bad address Fix this by making sure we pass a BTRFS_LABEL_SIZE sized buffer to the ioctl containing the desired label. [1] https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/fs/btrfs/ioctl.c?id=refs/tags/v4.5#n5231 Signed-off-by: Petros Angelatos Signed-off-by: David Sterba --- utils.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/utils.c b/utils.c index c0c564e2..6602472b 100644 --- a/utils.c +++ b/utils.c @@ -1755,9 +1755,10 @@ static int set_label_unmounted(const char *dev, const char *label) return 0; } -static int set_label_mounted(const char *mount_path, const char *label) +static int set_label_mounted(const char *mount_path, const char *labelp) { int fd; + char label[BTRFS_LABEL_SIZE]; fd = open(mount_path, O_RDONLY | O_NOATIME); if (fd < 0) { @@ -1765,6 +1766,8 @@ static int set_label_mounted(const char *mount_path, const char *label) return -1; } + memset(label, 0, sizeof(label)); + strncpy(label, labelp, sizeof(label)); if (ioctl(fd, BTRFS_IOC_SET_FSLABEL, label) < 0) { fprintf(stderr, "ERROR: unable to set label %s\n", strerror(errno)); -- cgit v1.2.3