From b73356b500f9ff364c09e6d78e62fc0e79fbfbac Mon Sep 17 00:00:00 2001
From: Jason Dillaman
Date: Tue, 20 Sep 2016 07:25:36 -0400
Subject: [PATCH] librbd: block name prefix might overflow fixed size C-string

The issue which resulted in too large v2 image ids was fixed under #16887.

Fixes: http://tracker.ceph.com/issues/17310
Signed-off-by: Jason Dillaman
(cherry picked from commit 61734d266c6ee476c2f5fcfbbaefc7d0c7939617)
---
 src/librbd/internal.cc | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/librbd/internal.cc b/src/librbd/internal.cc
index a999f6f79b0d1..de75c1859ef55 100644
--- a/src/librbd/internal.cc
+++ b/src/librbd/internal.cc
@@ -469,9 +469,10 @@ int mirror_image_disable_internal(ImageCtx *ictx, bool force,
 info.obj_size = 1ULL << obj_order;
 info.num_objs = Striper::get_num_objects(ictx->layout, info.size);
 info.order = obj_order;
- memcpy(&info.block_name_prefix, ictx->object_prefix.c_str(),
- min((size_t)RBD_MAX_BLOCK_NAME_SIZE,
- ictx->object_prefix.length() + 1));
+ strncpy(info.block_name_prefix, ictx->object_prefix.c_str(),
+ RBD_MAX_BLOCK_NAME_SIZE);
+ info.block_name_prefix[RBD_MAX_BLOCK_NAME_SIZE - 1] = '\0';
+
 // clear deprecated fields
 info.parent_pool = -1L;
 info.parent_name[0] = '\0';
-- 
2.39.5
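Review bot: An over-long `ictx->object_prefix` is truncated silently by the added `strncpy` lines, so the caller receives a `block_name_prefix` that is properly terminated but may no longer match the image's real object names, and nothing visible in the hunk signals that. I would record this at the copy with a comment such as `// a prefix longer than RBD_MAX_BLOCK_NAME_SIZE - 1 is truncated to fit the fixed-size field`. Separately, writing the bound and the terminator index as `sizeof(info.block_name_prefix)` would tie both to the destination rather than to a constant that has to stay in sync with it; this assumes the field is declared as a char array, which the hunk does not show. The enclosing function starts and ends outside the hunk.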