diff options
author | GeLiXin <[email protected]> | 2016-12-22 03:27:24 +0800 |
---|---|---|
committer | Brian Behlendorf <[email protected]> | 2016-12-21 11:27:24 -0800 |
commit | 547c5936613ef296559eda5177b6391cfbbfb5c6 (patch) | |
tree | 4a3a1a3394c5456e33d1f337ee641a2af865e5a9 /cmd/zed/zed_event.c | |
parent | 53ed2db212320e99e1426be832f4968eb7c42adf (diff) |
Fix coverity defects: CID 147587
CID 147587: Out-of-bounds read
Future changes may cause an array overrun of 4096 bytes at byte
offset 4096 by dereferencing pointer dstp. Adding this additional
check ensures correctness.
Reviewed-by: Chunwei Chen <[email protected]>
Reviewed-by: Brian Behlendorf <[email protected]>
Signed-off-by: GeLiXin <[email protected]>
Closes #5297
Diffstat (limited to 'cmd/zed/zed_event.c')
-rw-r--r-- | cmd/zed/zed_event.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/cmd/zed/zed_event.c b/cmd/zed/zed_event.c index 1a5f15ebf..b289ebf22 100644 --- a/cmd/zed/zed_event.c +++ b/cmd/zed/zed_event.c @@ -264,6 +264,13 @@ _zed_event_add_var(uint64_t eid, zed_strings_t *zsp, *dstp++ = '='; buflen--; + if (buflen <= 0) { + errno = EMSGSIZE; + zed_log_msg(LOG_WARNING, "Failed to add %s for eid=%llu: %s", + keybuf, eid, "Exceeded buffer size"); + return (-1); + } + va_start(vargs, fmt); n = vsnprintf(dstp, buflen, fmt, vargs); va_end(vargs); |