[pve-devel] applied: [PATCH cluster 1/2] cfs-utils cluster_config_version: actually enforce config_length when matching
Thomas Lamprecht
t.lamprecht at proxmox.com
Thu Aug 29 19:48:04 CEST 2019
Fix out-of-bound read found with AddressSanitizer
Signed-off-by: Thomas Lamprecht <t.lamprecht at proxmox.com>
---
data/src/cfs-utils.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/data/src/cfs-utils.c b/data/src/cfs-utils.c
index 2c91621..acf65b2 100644
--- a/data/src/cfs-utils.c
+++ b/data/src/cfs-utils.c
@@ -167,9 +167,9 @@ cluster_config_version(
GRegex *regex;
GMatchInfo *match_info;
guint64 version = 0;
-
+
regex = g_regex_new ("config_version\\s*:\\s*(\\d+)", 0, 0, NULL);
- g_regex_match (regex, config_data, 0, &match_info);
+ g_regex_match_full(regex, config_data, config_length, 0, 0, &match_info, NULL);
if (g_match_info_matches (match_info)) {
gchar *word = g_match_info_fetch (match_info, 1);
if (strlen(word)) {
--
2.20.1
More information about the pve-devel
mailing list