[fedfs-utils] [PATCH 1/3] nsdbc: Stronger sanity-checking for incoming UUIDs

Mon May 19 09:39:30 PDT 2014

The nsdb-create-fsl command copies command line arguments into
pre-allocated buffers.

Fixes: 04e2508557766ca65d684f82dbbc0d1c1a833a9f
Signed-off-by: Chuck Lever <chuck.lever at oracle.com>
---
 src/nsdbc/nsdb-create-fsl.c |   20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-)

diff --git a/src/nsdbc/nsdb-create-fsl.c b/src/nsdbc/nsdb-create-fsl.c
index b30ec5df92b0..476749612a18 100644
--- a/src/nsdbc/nsdb-create-fsl.c
+++ b/src/nsdbc/nsdb-create-fsl.c
@@ -105,9 +105,10 @@ nsdb_create_fsl_usage(const char *progname)
 int
 main(int argc, char **argv)
 {
-	char *nce, *fsn_uuid, *fsl_uuid, *servername, *serverpath;
+	char *nce, *servername, *serverpath;
 	char *progname, *binddn, *nsdbname;
 	unsigned short nsdbport, serverport;
+	uuid_t fsn_uu, fsl_uu;
 	struct fedfs_fsl *fsl;
 	FedFsStatus retval;
 	nsdb_t host;
@@ -169,14 +170,11 @@ main(int argc, char **argv)
 		}
 	}
 	if (argc == optind + 4) {
-		uuid_t uu;
-		fsn_uuid = argv[optind];
-		if (uuid_parse(fsn_uuid, uu) == -1) {
+		if (uuid_parse(argv[optind], fsn_uu) == -1) {
 			fprintf(stderr, "Invalid FSN UUID was specified\n");
 			nsdb_create_fsl_usage(progname);
 		}
-		fsl_uuid = argv[optind + 1];
-		if (uuid_parse(fsl_uuid, uu) == -1) {
+		if (uuid_parse(argv[optind + 1], fsl_uu) == -1) {
 			fprintf(stderr, "Invalid FSL UUID was specified\n");
 			nsdb_create_fsl_usage(progname);
 		}
@@ -202,8 +200,8 @@ main(int argc, char **argv)
 		fprintf(stderr, "Failed to allocate FSL\n");
 		goto out;
 	}
-	strcpy(fsl->fl_fsluuid, fsl_uuid);
-	strcpy(fsl->fl_fsnuuid, fsn_uuid);
+	uuid_unparse(fsn_uu, fsl->fl_fsnuuid);
+	uuid_unparse(fsl_uu, fsl->fl_fsluuid);
 
 	retval = FEDFS_ERR_NAMETOOLONG;
 	if (strlen(servername) >= sizeof(fsl->fl_u.fl_nfsfsl.fn_fslhost)) {
@@ -285,7 +283,7 @@ main(int argc, char **argv)
 	switch (retval) {
 	case FEDFS_OK:
 		printf("Successfully created FSL record for %s under %s\n",
-				fsl_uuid, nce);
+				fsl->fl_fsluuid, nce);
 		break;
 	case FEDFS_ERR_NSDB_NONCE:
 		if (nce == NULL)
@@ -306,12 +304,12 @@ main(int argc, char **argv)
 			break;
 		default:
 			fprintf(stderr, "Failed to create FSL %s: %s\n",
-				fsl_uuid, nsdb_ldaperr2string(host));
+				fsl->fl_fsluuid, nsdb_ldaperr2string(host));
 		}
 		break;
 	default:
 		fprintf(stderr, "Failed to create FSL %s: %s\n",
-			fsl_uuid, nsdb_display_fedfsstatus(retval));
+			fsl->fl_fsluuid, nsdb_display_fedfsstatus(retval));
 	}
 
 	nsdb_close_nsdb(host);


