[CRIU] [PATCH] zdtm/chroot: allocate enough memory for a path
Andrei Vagin
avagin at openvz.org
Fri Sep 29 04:12:15 MSK 2017
From: Andrei Vagin <avagin at virtuozzo.com>
==36==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x60200000001c at pc 0x7fb26c88d5f9 bp 0x7ffc15087d40 sp 0x7ffc150874d0
WRITE of size 13 at 0x60200000001c thread T0
#0 0x7fb26c88d5f8 in vsprintf (/lib64/libasan.so.4+0x9e5f8)
#1 0x7fb26c88d986 in __interceptor_sprintf (/lib64/libasan.so.4+0x9e986)
#2 0x402453 in main /root/git/main/criu/test/zdtm/static/chroot.c:68
#3 0x7fb26c43e4d9 in __libc_start_main (/lib64/libc.so.6+0x204d9)
#4 0x4031b9 in _start (/root/git/main/criu/test/zdtm/static/chroot+0x4031b9)
Signed-off-by: Andrei Vagin <avagin at virtuozzo.com>
---
test/zdtm/static/chroot.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/zdtm/static/chroot.c b/test/zdtm/static/chroot.c
index 39b1ace0c..439a8e7dc 100644
--- a/test/zdtm/static/chroot.c
+++ b/test/zdtm/static/chroot.c
@@ -64,7 +64,7 @@ int main(int argc, char **argv)
test_init(argc, argv);
- filepath = malloc(strlen(filename) + 1);
+ filepath = malloc(strlen(filename) + 2);
sprintf(filepath, "/%s", filename);
pipe(pipe_prep);
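Review bot: the malloc() result on the changed line goes straight into sprintf() with no NULL check, and the size is still a hand-counted constant that has to stay in sync with the "/%s" format on the following line. The 2 covers the leading "/" and the terminating NUL, so a short comment saying that would help. Better still, compute the length once and bound the write with snprintf(filepath, len, "/%s", filename). That way a later change to the format string cannot silently bring back the heap overflow shown in the ASan trace.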
--
2.13.3