librbd: block name prefix might overflow fixed size C-string

The issue which resulted in too large v2 image ids was fixed
under #16887.

Fixes: http://tracker.ceph.com/issues/17310
Signed-off-by: Jason Dillaman <dillaman@redhat.com>
(cherry picked from commit 61734d266c6ee476c2f5fcfbbaefc7d0c7939617)

diff --git a/src/librbd/internal.cc b/src/librbd/internal.cc
index f4b110eea8ce0c37c2780e1429cfd527f88e7882..69dd52178898b01d008f0a3a47290017b6cef011 100644 (file)
--- a/src/librbd/internal.cc
+++ b/src/librbd/internal.cc
@@ -252,9 +252,10 @@ int validate_pool(IoCtx &io_ctx, CephContext *cct) {
     info.obj_size = 1ULL << obj_order;
     info.num_objs = Striper::get_num_objects(ictx->layout, info.size);
     info.order = obj_order;
-    memcpy(&info.block_name_prefix, ictx->object_prefix.c_str(),
-          min((size_t)RBD_MAX_BLOCK_NAME_SIZE,
-              ictx->object_prefix.length() + 1));
+    strncpy(info.block_name_prefix, ictx->object_prefix.c_str(),
+            RBD_MAX_BLOCK_NAME_SIZE);
+    info.block_name_prefix[RBD_MAX_BLOCK_NAME_SIZE - 1] = '\0';
+
     // clear deprecated fields
     info.parent_pool = -1L;
     info.parent_name[0] = '\0';