Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

blackbox: fix potential overlow/memory corruption #486

Merged
merged 1 commit into from
Jun 5, 2023
Merged

blackbox: fix potential overlow/memory corruption #486

merged 1 commit into from
Jun 5, 2023

Conversation

chrissie-c
Copy link
Contributor

if the message was too long, then msg_len was added to the buffer size twice, thus causing potential data corruption (seen VERY rarely in the CI test - or, at least, I think it was this).

Also fix a double close() spotted by gcc13's -fanalyzer

@chrissie-c
blackbox: fix potential overlow/memory corruption
544a7c9 
if the message was too long, then msg_len was added to the
buffer size twice, thus causing potential data corruption
(seen VERY rarely in the CI test - or, at least, I think it was
this).

Also fix a double close() spotted by gcc13's -fanalyzer
jfriesse
jfriesse approved these changes Jun 1, 2023
View reviewed changes
Copy link
Member

@jfriesse jfriesse left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ACK. Nice to see gcc analyzer gets better than coverity ;)

@chrissie-c
Copy link
Contributor Author

retest this please

@chrissie-c chrissie-c merged commit 5862acb into main Jun 5, 2023
@chrissie-c chrissie-c deleted the fix-log-overflow branch June 5, 2023 08:51
bmwiedemann pushed a commit to bmwiedemann/openSUSE that referenced this pull request Jun 21, 2023
@bmwiedemann
Update libqb to version 2.0.7+20230607.06c8641 / rev 35 via SR 1093859
bb431ab 
https://build.opensuse.org/request/show/1093859
by user yan_gao + dimstar_suse
- Update to version 2.0.7+20230607.06c8641 (v2.0.7):
- blackbox: fix potential overlow/memory corruption (gh#ClusterLabs/libqb#486)
- tests: allow -j to work (gh#ClusterLabs/libqb#485)
- strlcpy: avoid compiler warning from strncpy (gh#ClusterLabs/libqb#473)
- timer: Move state check to before time check (gh#ClusterLabs/libqb#479)
- ipc: Retry receiving credentials if the the message is short (gh#ClusterLabs/libqb#476, rh#2111711)
- lib: Fix some small bugs spotted by newest covscan (gh#ClusterLabs/libqb#471)
- doxygen2man: Fix function parameter alignment (gh#ClusterLabs/libqb#468) (forwarded request 1093858 from yan_gao)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jfriesse jfriesse jfriesse approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@chrissie-c @jfriesse