[CRIU] [PATCH cr] proc: add a static buffer to prevent segv
Andrew Vagin
avagin at parallels.com
Wed May 2 07:25:43 EDT 2012
On Wed, May 02, 2012 at 03:15:31PM +0400, Cyrill Gorcunov wrote:
> On Wed, May 02, 2012 at 02:57:25PM +0400, Andrew Vagin wrote:
> > On Wed, May 02, 2012 at 02:37:57PM +0400, Andrey Vagin wrote:
> > > A few of our functions use buffer and string functions.
> > > All these functions require that a string contains '\0' at the end.
> > > Before this patch we didn't guarantee that.
> > >
> > > I've seen a segmentation fault in parse_pid_stat_small.
> >
> > A short version of buggy code:
> > char buf[128];
> > ret = read(fd, buf, sizeof(buf));
> > tok = strrchr(buf, ')');
> >
> > The strrchr() function returns a pointer to the last occurrence of the
> > character c in the string s.
> >
> > buf should contain '\0'
>
> Yes, strrchr is buggy here, maybe we should add
>
> +#define read_eos(fd, buf, size) \
> + ({ \
> + int r__ = read(fd, buf, size); \
> + if (buf[(size) - 1]) \
> + buf[(size) - 1] = '\0'; \
> + r__; \
> + })
> +
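Review bot: read_eos() writes the terminator at buf[(size) - 1] regardless of r__, so after a short read the bytes from buf[r__] up to the end of the buffer are still whatever was there before, and strrchr() will scan them. Suggest reading at most (size) - 1 bytes and setting buf[r__] = '\0' when r__ >= 0, with r__ < 0 handled as an error. As written, a read that fills the buffer also loses its last byte to the terminator. The if (buf[(size) - 1]) test is redundant and inspects a byte read() may not have written. The buf argument should also be parenthesized in the macro body, as size already is.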
>
> instead? This is independent of how buf is allocated and/or whether it has
> EOS already. This also makes the patch simpler.
parse_maps uses a FILE object.
>
> Cyrill
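
The bug discussed in this thread, shown with a bounded read, as an added example that is not code from the thread or from CRIU: the buffer is terminated at the number of bytes read() actually returned, so strrchr() cannot run into stale data. The names read_cstr and last_paren_offset are hypothetical, and the stat-like line is constructed.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: read at most size-1 bytes and always terminate
 * the buffer at the number of bytes actually read. */
static ssize_t read_cstr(int fd, char *buf, size_t size)
{
	ssize_t n;

	if (size == 0)
		return -1;
	n = read(fd, buf, size - 1);
	buf[n > 0 ? n : 0] = '\0';	/* empty string on EOF or error */
	return n;
}

/* Feed a constructed stat-like line through a pipe and return the offset
 * of the last ')' in what was read, or -1 if none was found. */
static long last_paren_offset(const char *line, size_t bufsize)
{
	char buf[128];
	int p[2];
	char *tok;

	if (bufsize > sizeof(buf) || pipe(p) < 0)
		return -1;
	/* Stale bytes, including ')', stand in for old stack contents. */
	memset(buf, ')', sizeof(buf));
	if (write(p[1], line, strlen(line)) < 0) { close(p[0]); close(p[1]); return -1; }
	close(p[1]);
	read_cstr(p[0], buf, bufsize);
	close(p[0]);
	tok = strrchr(buf, ')');	/* bounded by the terminator */
	return tok ? tok - buf : -1;
}

int main(void)
{
	/* Constructed sample, shaped like the start of /proc/<pid>/stat. */
	const char *line = "1234 (my (odd) proc) S 1 1234\n";

	printf("full read, last ')' at offset %ld\n", last_paren_offset(line, 128));
	printf("truncated read, result %ld\n", last_paren_offset(line, 8));
	return 0;
}
```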