debian/patches/0019-mdopen-fix-gcc-8.1-string-overflow-error.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

From c1b78589cf042221e22a014332b195b2309cb178 Mon Sep 17 00:00:00 2001
From: Jes Sorensen <jsorensen@fb.com>
Date: Thu, 31 May 2018 13:11:21 -0400
Subject: [PATCH 19/26] mdopen: fix gcc 8.1 string overflow error

We already cut symlinks longer than 1000, so rely on this calling
readlink and error out if we are able to read more than 1000 bytes.

Signed-off-by: Jes Sorensen <jsorensen@fb.com>
---
 mdopen.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/mdopen.c b/mdopen.c
index 4ec13f5e..98c54e43 100644
--- a/mdopen.c
+++ b/mdopen.c
@@ -44,7 +44,7 @@ void make_parts(char *dev, int cnt)
 	int nlen = strlen(dev) + 20;
 	char *name;
 	int dig = isdigit(dev[strlen(dev)-1]);
-	char orig[1024];
+	char orig[1001];
 	char sym[1024];
 	int err;
 
@@ -58,8 +58,10 @@ void make_parts(char *dev, int cnt)
 		minor_num = minor(stb.st_rdev);
 		odig = -1;
 	} else if (S_ISLNK(stb.st_mode)) {
-		int len = readlink(dev, orig, sizeof(orig));
-		if (len < 0 || len > 1000)
+		int len;
+
+		len = readlink(dev, orig, sizeof(orig));
+		if (len < 0 || len >= (int)sizeof(orig))
 			return;
 		orig[len] = 0;
 		odig = isdigit(orig[len-1]);
-- 
2.17.1