ldap/servers/slapd/ch_malloc.c | 37 +++++++++++++++++++++++++++++++++
ldap/servers/slapd/localhost.c | 3 +-
ldap/servers/slapd/main.c | 13 +++++++++--
ldap/servers/slapd/slapi-plugin.h | 1
ldap/servers/slapd/task.c | 10 +++++---
ldap/servers/slapd/tools/dbscan.c | 14 ++++++++----
ldap/servers/snmp/main.c | 7 ++++--
8 files changed, 73 insertions(+), 15 deletions(-)
New commits:
commit 43c6ff2e7801ff6bbc03961b3161dd60aebf707a
Author: Noriko Hosoi <nhosoi@redhat.com>
Date: Tue Jul 1 11:35:37 2014 -0700
Ticket #47835 - Coverity: 12687..12692
12687 - Unbounded source buffer
Description: To solve "Passing string argv[0] of unknown size to
usage, which expects a string of a particular size", get ARG_MAX
and pass it to slapi_ch_strndup.
Reviewed by rmeggins@redhat.com (Thanks, Rich!)
https://fedorahosted.org/389/ticket/47835
diff --git a/ldap/servers/slapd/tools/dbscan.c b/ldap/servers/slapd/tools/dbscan.c
index 023fade..bbfcd0e 100644
--- a/ldap/servers/slapd/tools/dbscan.c
+++ b/ldap/servers/slapd/tools/dbscan.c
@@ -1077,16 +1077,17 @@ is_changelog(char *filename)
static void usage(char *argv0)
{
- char *copy = strdup(argv0);
+ long arg_max = sysconf(_SC_ARG_MAX);
+ char *copy = strndup(argv0, arg_max);
char *p0 = NULL, *p1 = NULL;
- if (NULL != copy) {
+ if (copy && (strlen(copy) < arg_max)) {
/* the full path is not needed in the usages */
- p0 = strrchr(argv0, '/');
- if (NULL != p0) {
+ p0 = strrchr(copy, '/');
+ if (p0) {
*p0 = '\0';
p0++;
} else {
- p0 = argv0;
+ p0 = copy;
}
p1 = strrchr(p0, '-'); /* get rid of -bin from the usage */
if (NULL != p1) {
@@ -1124,6 +1125,9 @@ static void usage(char *argv0)
printf(" # display summary of objectclass.db4\n");
printf(" %s -f objectclass.db4\n", p0);
printf("\n");
+ if (copy) {
+ free(copy);
+ }
exit(1);
}
commit 0a546bcb3d4625d6db1dcbb342922b4ddb3bee37
Author: Noriko Hosoi <nhosoi@redhat.com>
Date: Tue Jul 1 11:34:58 2014 -0700
Ticket #47835 - Coverity: 12687..12692
12688 - Unbounded source buffer
Description: To solve "Passing string argv[0] of unknown size to
slapi_ch_strdup, which expects a string of a particular size", get
ARG_MAX and pass it to slapi_ch_strndup.
Reviewed by rmeggins@redhat.com (Thanks, Rich!)
https://fedorahosted.org/389/ticket/47835
diff --git a/ldap/servers/slapd/main.c b/ldap/servers/slapd/main.c
index d577514..1726e67 100644
--- a/ldap/servers/slapd/main.c
+++ b/ldap/servers/slapd/main.c
@@ -650,6 +650,8 @@ main( int argc, char **argv)
int return_value = 0;
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
daemon_ports_t ports_info = {0};
+ long arg_max = 0;
+
#ifndef __LP64__
#if defined(__hpux) && !defined(__ia64)
/* for static constructors */
@@ -722,9 +724,16 @@ main( int argc, char **argv)
No comments:
Post a Comment