Fix: illegal memory access in relayd_add_stream

author Mathieu Desnoyers <mathieu.desnoyers@efficios.com>

Tue, 17 May 2016 01:42:57 +0000 (21:42 -0400)

committer Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fri, 20 May 2016 19:12:40 +0000 (15:12 -0400)
author Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Tue, 17 May 2016 01:42:57 +0000 (21:42 -0400)
committer Jérémie Galarneau <jeremie.galarneau@efficios.com>
Fri, 20 May 2016 19:12:40 +0000 (15:12 -0400)
diff --git a/src/common/relayd/relayd.c b/src/common/relayd/relayd.c

index 8f4f07a2088f75fbe0774bb240eb1d887806d958..c8f2ef5f49cc8d75a2d6fb82d49383294862cb91 100644 (file)
--- a/src/common/relayd/relayd.c
+++ b/src/common/relayd/relayd.c
@@ -255,8 +255,16 @@ int relayd_add_stream(struct lttcomm_relayd_sock *rsock, const char *channel_nam
         /* Compat with relayd 2.1 */
         if (rsock->minor == 1) {
                 memset(&msg, 0, sizeof(msg));
-               strncpy(msg.channel_name, channel_name, sizeof(msg.channel_name));
-               strncpy(msg.pathname, pathname, sizeof(msg.pathname));
+               if (lttng_strncpy(msg.channel_name, channel_name,
+                               sizeof(msg.channel_name))) {
+                       ret = -1;
+                       goto error;
+               }
+               if (lttng_strncpy(msg.pathname, pathname,
+                               sizeof(msg.pathname))) {
+                       ret = -1;
+                       goto error;
+               }
  
                 /* Send command */
                 ret = send_command(rsock, RELAYD_ADD_STREAM, (void *) &msg, sizeof(msg), 0);
@@ -266,8 +274,16 @@ int relayd_add_stream(struct lttcomm_relayd_sock *rsock, const char *channel_nam
         } else {
                 memset(&msg_2_2, 0, sizeof(msg_2_2));
                 /* Compat with relayd 2.2+ */
-               strncpy(msg_2_2.channel_name, channel_name, sizeof(msg_2_2.channel_name));
-               strncpy(msg_2_2.pathname, pathname, sizeof(msg_2_2.pathname));
+               if (lttng_strncpy(msg_2_2.channel_name, channel_name,
+                               sizeof(msg_2_2.channel_name))) {
+                       ret = -1;
+                       goto error;
+               }
+               if (lttng_strncpy(msg_2_2.pathname, pathname,
+                               sizeof(msg_2_2.pathname))) {
+                       ret = -1;
+                       goto error;
+               }
                 msg_2_2.tracefile_size = htobe64(tracefile_size);
                 msg_2_2.tracefile_count = htobe64(tracefile_count);
author	Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
	Tue, 17 May 2016 01:42:57 +0000 (21:42 -0400)
committer	Jérémie Galarneau <jeremie.galarneau@efficios.com>
	Fri, 20 May 2016 19:12:40 +0000 (15:12 -0400)