[CRIU] [PATCH cr] proc: add a static buffer to prevent segv

Cyrill Gorcunov gorcunov at openvz.org
Wed May 2 07:15:31 EDT 2012


On Wed, May 02, 2012 at 02:57:25PM +0400, Andrew Vagin wrote:
> On Wed, May 02, 2012 at 02:37:57PM +0400, Andrey Vagin wrote:
> > A few of our functions use buffer and string functions.
> > All these functions require that a string contains '\0' at the end.
> > Before this patch we didn't guarantee that.
> > 
> > I've seen segmentation fault in parse_pid_stat_small.
> 
> A short version of buggy code:
> char buf[128];
> ret = read(fd, buf, sizeof(buf));
> tok = strrchr(buf, ')');
> 
> The strrchr() function returns a pointer to the last occurrence of the
> character c in the string s.
> 
> buf should contain '\0'

Yes, strrchr is buggy here, maybe we should add

+#define read_eos(fd, buf, size)                                \
+       ({                                                      \
+               int r__ = read(fd, buf, size);                  \
+               if (buf[(size) - 1])                            \
+                       buf[(size) - 1] = '\0';                 \
+               r__;                                            \
+       })
+
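
Review bot: in read_eos only buf[(size) - 1] is set to '\0', so after a short read the bytes between r__ and the end of the buffer still hold whatever was there before and strrchr() will scan them; the `if (buf[(size) - 1])` test also reads a byte that read() may not have written. When read() fills the whole buffer the last data byte is overwritten, and a negative r__ is not handled before buf is touched. Consider reading (size) - 1 bytes and writing the terminator at buf[r__] when r__ >= 0 (buf[0] on error), and parenthesising buf in the expansion.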

instead? This is independent of how buf is allocated and/or whether it has
EOS already. This also makes the patch simpler.

	Cyrill

