Limit sscanf params with size

Make sure parsed string fits given char buffer.
2025-01-24 06:04:19 +03:00 · 2012-02-23 22:50:50 +00:00 · 2012-02-23 22:50:50 +00:00 · 75ac0b638c
commit 75ac0b638c
parent e3a47a9370
2 changed files with 3 additions and 2 deletions
--- a/1
+++ b/1
@ -1,5 +1,6 @@
 Version 2.02.94 - 
 ====================================
+  Limit sscanf parameters with buffer size in clvmd get_initial_state().
  Use const lv pointer for lv_is_active...() functions. 
  Use same signed numbers in _mirrored_transient_status().
  Integrate client-side lvmetad into build.
--- a/daemons/clvmd/lvm-functions.c
+++ b/daemons/clvmd/lvm-functions.c
@ -1,6 +1,6 @@
 /*
 * Copyright (C) 2002-2004 Sistina Software, Inc. All rights reserved.
- * Copyright (C) 2004-2011 Red Hat, Inc. All rights reserved.
+ * Copyright (C) 2004-2012 Red Hat, Inc. All rights reserved.
 *
 * This file is part of LVM2.
 *
@ -729,7 +729,7 @@ static int get_initial_state(struct dm_hash_table *excl_uuid)
 	}

 	while (fgets(line, sizeof(line), lvs)) {
-	        if (sscanf(line, "%s %s %s %s\n", vg, lv, flags, vg_flags) == 4) {
+	        if (sscanf(line, "%64s %64s %25s %25s\n", vg, lv, flags, vg_flags) == 4) {

 			/* States: s:suspended a:active S:dropped snapshot I:invalid snapshot */
 		        if (strlen(vg) == 38 &&                         /* is is a valid UUID ? */