fs: dlm: fix potential buffer overflow

This patch fixes an potential overflow in sscanf and the maximum declared string parsing length which seems to be excluding the null termination symbol. This patch will just add one byte to be prepared on a string with length of DLM_RESNAME_MAXLEN including the null termination symbol. Fixes: 5054e79d ("fs: dlm: add lkb debugfs functionality") Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Alexander Aring <aahringo@redhat.com> Signed-off-by: David Teigland <teigland@redhat.com>

fs: dlm: fix potential buffer overflow
This patch fixes an potential overflow in sscanf and the maximum declared string parsing length which seems to be excluding the null termination symbol. This patch will just add one byte to be prepared on a string with length of DLM_RESNAME_MAXLEN including the null termination symbol. Fixes: 5054e79d ("fs: dlm: add lkb debugfs functionality") Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Alexander Aring <aahringo@redhat.com> Signed-off-by: David Teigland <teigland@redhat.com>
6a628fa4 · Alexander Aring · David Teigland · c8b9f34e · 6a628fa4
Commit 6a628fa4 authored Nov 12, 2021 by Alexander Aring Committed by David Teigland Nov 12, 2021
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

fs/dlm/debug_fs.c fs/dlm/debug_fs.c +1 -1

No files found.
--- a/fs/dlm/debug_fs.c
+++ b/fs/dlm/debug_fs.c
@@ -640,7 +640,7 @@ static ssize_t table_write2(struct file *file, const char __user *user_buf,
 {
 	struct seq_file *seq = file->private_data;
 	int n, len, lkb_nodeid, lkb_status, error;
-	char name[DLM_RESNAME_MAXLEN] = {};
+	char name[DLM_RESNAME_MAXLEN + 1] = {};
 	struct dlm_ls *ls = seq->private;
 	unsigned int lkb_flags;
 	char buf[256] = {};