cli: Fix heap-buffer-overflow issue reported by ASAN

GF_MALLOC was being used to allocate memory which is not initialized. strcat is used on it which could result in buffer overflow if it contains garbage before '\0'. So changed it to GF_CALLOC. Traceback: ==23427==ERROR: AddressSanitizer: heap-buffer-overflow ... WRITE of size 5 at 0x6080000083fe thread T3 #0 0x7fb60966991c in __interceptor_strcat ... #1 0x48adc0 in config_parse ... #2 0x48cde8 in cli_cmd_gsync_set_parse ... ... Updates: bz#1633930 Change-Id: I3710f011d8139984b1898265d84d150c9bdc962b Signed-off-by: Kotresh HR <khiremat@redhat.com>
2018-10-14 19:54:48 +05:30 · 2018-10-14 19:54:48 +05:30 · 68299b2443
commit 68299b2443
parent f73b4476b1
1 changed files with 4 additions and 1 deletions
--- a/cli/src/cli-cmd-parser.c
+++ b/cli/src/cli-cmd-parser.c
@ -2746,7 +2746,10 @@ config_parse(const char **words, int wordcount, dict_t *dict, unsigned cmdi,
            /* trailing strcat will add two bytes, make space for that */
            append_len++;

-            append_str = GF_MALLOC(append_len, cli_mt_append_str);
+            /* strcat is used on this allocation and hence expected to be
+             * initiatlized to 0. So GF_CALLOC is used.
+             */
+            append_str = GF_CALLOC(1, append_len, cli_mt_append_str);
            if (!append_str) {
                ret = -1;
                goto out;