From: John Spray <john.spray@inktank.com>
Date: Tue, 22 Apr 2014 15:31:27 +0000 (+0100)
Subject: mds: make strncpy in ::respawn safer
X-Git-Tag: v0.80-rc1~6^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F1711%2Fhead;p=ceph.git

mds: make strncpy in ::respawn safer

Previous code assumed null terminated argv[0]
was not longer than PATH_MAX and the resulting
strncpy was not strictly safe.

Modify the bounds to ensure that copy will not
result in an unterminated string if argv[0]
is oversized.

Signed-off-by: John Spray <john.spray@inktank.com>
---

diff --git a/src/mds/MDS.cc b/src/mds/MDS.cc
index e717dd7f762b..1d9015a22eb6 100644
--- a/src/mds/MDS.cc
+++ b/src/mds/MDS.cc
@@ -1711,7 +1711,7 @@ void MDS::respawn()
     dout(1) << " cwd " << cwd << dendl;
 
     /* Fall back to a best-effort: just running in our CWD */
-    strncpy(exe_path, orig_argv[0], sizeof(exe_path));
+    strncpy(exe_path, orig_argv[0], sizeof(exe_path) - 1);
   }
 
   dout(1) << " exe_path " << exe_path << dendl;