From 92bec88d0904bfb31c808085c2fd0f22d0ec8db7 Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <cyphar@cyphar.com>
Date: Mon, 20 Jun 2022 19:09:57 +1000
Subject: [PATCH] utils: lockfile: avoid stack overflow for lockfile buffer
There appears to have been some change on openSUSE (likely some new
hardening flags for builds, or some glibc hardening) such that incorrect
buffer handling results in a segfault even if the buffer is never
overflowed.
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
---
src/utils/lockfile.cc | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/utils/lockfile.cc b/src/utils/lockfile.cc
index 7d11d8c99..fac5cb23e 100644
--- a/src/utils/lockfile.cc
+++ b/src/utils/lockfile.cc
@@ -98,7 +98,8 @@ Lockfile::try_lock() {
int pos = ::gethostname(buf, 255);
if (pos == 0) {
- ::snprintf(buf + std::strlen(buf), 255, ":+%i\n", ::getpid());
+ ssize_t len = std::strlen(buf);
+ ::snprintf(buf + len, 255 - len, ":+%i\n", ::getpid());
int __UNUSED result = ::write(fd, buf, std::strlen(buf));
}
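Review bot: On the added `::snprintf(buf + len, 255 - len, ...)` line, nothing in the hunk guarantees `len < 255`. `gethostname(buf, 255)` is not required to NUL-terminate a truncated name, so `std::strlen(buf)` can return 255 or more; `255 - len` is then zero or negative, and a negative value converts to a very large `size_t` bound, which brings back the unbounded write this change is meant to remove. Suggest terminating the buffer explicitly right after `gethostname` (the declared size of `buf` is not visible here, so that needs checking against its definition), declaring `len` as `size_t` to match what `std::strlen` returns, and deriving the bound from `sizeof(buf)` instead of repeating the literal 255. The following `::write` could also use the lengths already computed rather than calling `std::strlen(buf)` a second time.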