From: Yunchuan Wen <yunchuan.wen@kylin-cloud.com>
Date: Fri, 16 Dec 2016 07:03:17 +0000 (+0800)
Subject: client: fix potential buffer overflow
X-Git-Tag: v12.0.0~258^2~1
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=c1aae140c8481dd39e40df8159c3fceefc74f1a7;p=ceph.git

client: fix potential buffer overflow

Trace::peek_string try to fill char *buf without any length check.
I think string buf is the better way to handle it.

Signed-off-by: Yunchuan Wen <yunchuan.wen@kylin-cloud.com>
---

diff --git a/src/client/Trace.cc b/src/client/Trace.cc
index d95b3856e700..43494cd4e7e0 100644
--- a/src/client/Trace.cc
+++ b/src/client/Trace.cc
@@ -52,22 +52,22 @@ void Trace::start()
   _line = 1;
 }
 
-const char *Trace::peek_string(char *buf, const char *prefix)
+const char *Trace::peek_string(string &buf, const char *prefix)
 {
   //if (prefix) cout << "prefix '" << prefix << "' line '" << line << "'" << std::endl;
   if (prefix &&
       strstr(line.c_str(), "/prefix") == line.c_str()) {
-    strcpy(buf, prefix);
-    strcpy(buf + strlen(prefix),
-	   line.c_str() + strlen("/prefix"));
+    buf.clear();
+    buf.append(prefix);
+    buf.append(line.c_str() + strlen("/prefix"));
   } else {
-    strcpy(buf, line.c_str());
+    buf = line;
   }
-  return buf;
+  return buf.c_str();
 }
 
 
-const char *Trace::get_string(char *buf, const char *prefix)
+const char *Trace::get_string(string &buf, const char *prefix)
 {
   peek_string(buf, prefix);
 
@@ -77,5 +77,5 @@ const char *Trace::get_string(char *buf, const char *prefix)
   getline(*fs, line);
   //cout << "next line is " << line << std::endl;
 
-  return buf;
+  return buf.c_str();
 }
diff --git a/src/client/Trace.h b/src/client/Trace.h
index 7da2eaf896d7..2f90c4f7c397 100644
--- a/src/client/Trace.h
+++ b/src/client/Trace.h
@@ -51,11 +51,11 @@ class Trace {
 
   void start();
 
-  const char *peek_string(char *buf, const char *prefix);
-  const char *get_string(char *buf, const char *prefix);
+  const char *peek_string(string &buf, const char *prefix);
+  const char *get_string(string &buf, const char *prefix);
 
   int64_t get_int() {
-    char buf[20];
+    string buf;
     return atoll(get_string(buf, 0));
   }
   bool end() {