From c53667ac45c9202d9766753a49004afdd5d13e0d Mon Sep 17 00:00:00 2001 From: Zdenek Kabelac Date: Thu, 1 Mar 2012 10:07:38 +0000 Subject: [PATCH] Check for version string buffer Since lvm seems to call driver_version(NULL, 0) this would lead to crash. Though the combination of the code is probably very hard to hit. If the user doesn't supply version buffer, just skip printing to buffer. --- WHATS_NEW_DM | 1 + libdm/ioctl/libdm-iface.c | 14 +++++++++++--- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/WHATS_NEW_DM b/WHATS_NEW_DM index 98f10199d..f44a89fd1 100644 --- a/WHATS_NEW_DM +++ b/WHATS_NEW_DM @@ -1,5 +1,6 @@ Version 1.02.73 - ==================================== + Support dm_task_get_driver_version() query without version string. Log failure of pthread_join when cleaning unused threads in dmeventd. Fix empty string warning logic in _find_config_str. (1.02.68) Fix dm_task_set_name to properly resolve path to dm name (1.02.71). diff --git a/libdm/ioctl/libdm-iface.c b/libdm/ioctl/libdm-iface.c index f67959979..2d2be416e 100644 --- a/libdm/ioctl/libdm-iface.c +++ b/libdm/ioctl/libdm-iface.c @@ -467,14 +467,21 @@ int dm_task_get_driver_version(struct dm_task *dmt, char *version, size_t size) unsigned *v; if (!dmt->dmi.v4) { - version[0] = '\0'; + if (version) + version[0] = '\0'; return 0; } v = dmt->dmi.v4->version; - snprintf(version, size, "%u.%u.%u", v[0], v[1], v[2]); _dm_version_minor = v[1]; _dm_version_patchlevel = v[2]; + if (version && + (snprintf(version, size, "%u.%u.%u", v[0], v[1], v[2]) < 0)) { + log_error("Buffer for version is to short."); + if (size > 0) + version[0] = '\0' + return 0; + } return 1; } @@ -494,7 +501,8 @@ static int _check_version(char *version, size_t size, int log_suppress) _log_suppress = 1; r = dm_task_run(task); - dm_task_get_driver_version(task, version, size); + if (!dm_task_get_driver_version(task, version, size)) + stack; dm_task_destroy(task); _log_suppress = 0;