forked from pool/systemd
b8b836245b
- Add systemctl-options.patch: handle SYSTEMCTL_OPTIONS internaly (bnc#798620). - Update crypt-loop-file.patch to correctly detect crypto loop files (bnc#799514). - Add journalctl-remove-leftover-message.patch: remove debug message in systemctl. - Add job-avoid-recursion-when-cancelling.patch: prevent potential recursion when cancelling a service. - Add sysctl-parse-all-keys.patch: ensure sysctl file is fully parsed. - Add journal-fix-cutoff-max-date.patch: fix computation of cutoff max date for journal. - Add reword-rescue-mode-hints.patch: reword rescue prompt. - Add improve-overflow-checks.patch: improve time overflow checks. - Add fix-swap-behaviour-with-symlinks.patch: fix swap behaviour with symlinks. - Add hostnamectl-fix-set-hostname-with-no-argument.patch: ensure hostnamectl requires an argument when called with set-hostname option. - Add agetty-overrides-term.patch: pass correctly terminal type to agetty. - Add check-for-empty-strings-in-strto-conversions.patch: better check for empty strings in strto* conversions. - Add strv-cleanup-error-path-loops.patch: cleanup strv on error path. - Add cryptsetup-handle-plain.patch: correctly handle "plain" option in cryptsetup. - Add fstab-generator-improve-error-message.patch: improve error message in fstab-generator. - Add delta-accept-t-option.patch: accept -t option in OBS-URL: https://build.opensuse.org/request/show/149703 OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=331
49 lines
1.8 KiB
Diff
49 lines
1.8 KiB
Diff
From ac97e2c559f5d386a332aba4a24bf9930cdb1c51 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
|
Date: Mon, 19 Nov 2012 16:36:38 +0100
|
|
Subject: [PATCH] core/load-fragment: fix (potential) bad memory access
|
|
|
|
strncmp() could be used with size bigger then the size of the string,
|
|
because MAX was used instead of MIN.
|
|
|
|
If failing, print just the offending mount flag.
|
|
---
|
|
src/core/load-fragment.c | 17 ++++++++++++-----
|
|
1 file changed, 12 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
|
|
index 01f9484..6933e1a 100644
|
|
--- a/src/core/load-fragment.c
|
|
+++ b/src/core/load-fragment.c
|
|
@@ -1101,15 +1101,22 @@ int config_parse_exec_mount_flags(
|
|
assert(rvalue);
|
|
assert(data);
|
|
|
|
- FOREACH_WORD_QUOTED(w, l, rvalue, state) {
|
|
- if (strncmp(w, "shared", MAX(l, 6U)) == 0)
|
|
+ FOREACH_WORD_SEPARATOR(w, l, rvalue, ", ", state) {
|
|
+ char _cleanup_free_ *t;
|
|
+
|
|
+ t = strndup(w, l);
|
|
+ if (!t)
|
|
+ return -ENOMEM;
|
|
+
|
|
+ if (streq(t, "shared"))
|
|
flags |= MS_SHARED;
|
|
- else if (strncmp(w, "slave", MAX(l, 5U)) == 0)
|
|
+ else if (streq(t, "slave"))
|
|
flags |= MS_SLAVE;
|
|
- else if (strncmp(w, "private", MAX(l, 7U)) == 0)
|
|
+ else if (streq(w, "private"))
|
|
flags |= MS_PRIVATE;
|
|
else {
|
|
- log_error("[%s:%u] Failed to parse mount flags, ignoring: %s", filename, line, rvalue);
|
|
+ log_error("[%s:%u] Failed to parse mount flag %s, ignoring: %s",
|
|
+ filename, line, t, rvalue);
|
|
return 0;
|
|
}
|
|
}
|
|
--
|
|
1.7.10.4
|
|
|