From: Yan, Zheng Date: Wed, 15 Feb 2017 03:45:26 +0000 (+0800) Subject: test/libcephfs: avoid buffer overflow when testing ceph_getdents() X-Git-Tag: v11.2.1~136^2 X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=473ad4ea2a35c74d89605b5579a4ff3866134c2d;p=ceph.git test/libcephfs: avoid buffer overflow when testing ceph_getdents() The buffer size should be at least "2 * sizeof(struct dirent)". Otherwise, the code that checks dentry '..' overflow. Fixes: http://tracker.ceph.com/issues/18941 Signed-off-by: "Yan, Zheng" (cherry picked from commit fa6671345b8f3a82dcd232f99e55a982b0a641f1) --- diff --git a/src/test/libcephfs/test.cc b/src/test/libcephfs/test.cc index e2864f8e964cc..283d46ff25651 100644 --- a/src/test/libcephfs/test.cc +++ b/src/test/libcephfs/test.cc @@ -362,7 +362,7 @@ TEST(LibCephFS, DirLs) { // test getdents struct dirent *getdents_entries; - getdents_entries = (struct dirent *)malloc(r * sizeof(*getdents_entries)); + getdents_entries = (struct dirent *)malloc((r + 2) * sizeof(*getdents_entries)); int count = 0; std::vector found;