[PATCH] Remove strcpy() from most Team-controlled code.

Martin Schwenke martin at meltin.net
Fri Mar 18 09:48:49 UTC 2016


On Fri, 18 Mar 2016 11:27:54 +1100, Martin Schwenke <martin at meltin.net>
wrote:

> On Thu, 17 Mar 2016 13:03:24 -0700, Jeremy Allison <jra at samba.org>
> wrote:
> 
> > On Thu, Mar 17, 2016 at 12:53:27PM -0700, Jeremy Allison wrote:  
> > > Removes uses of strcpy() [...]
> > > 
> > > There are still some in ctdb I haven't gotten to
> > > yet.  
> 
> I'll fix up the CTDB ones.
> 
> I've already looked at most of them.  1 is a real worry... but to
> exploit it you need to be able to write to a configuration file.

Patch attached to fix the one in the daemon.  I also added a patch to
sanity check length of interface names when they're setup (i.e. read
from public addresses file or from command-line option).

Please review and maybe push...

I've done the ctdb CLI tool ones as well, but want to have another
look.  The changes in the flag pretty printing code make the code
unreadable.   :-(

peace & happiness,
martin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ctdb.patch
Type: text/x-patch
Size: 2516 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20160318/21547009/ctdb.bin>


More information about the samba-technical mailing list