ext4: don't assume that mmp_nodename/bdevname have NUL
authorAndreas Dilger <adilger@dilger.ca>
Sun, 26 Jan 2020 22:03:34 +0000 (15:03 -0700)
committerTheodore Ts'o <tytso@mit.edu>
Thu, 13 Feb 2020 16:53:10 +0000 (11:53 -0500)
Don't assume that the mmp_nodename and mmp_bdevname strings are NUL
terminated, since they are filled in by snprintf(), which is not
guaranteed to do so.

Link: https://lore.kernel.org/r/1580076215-1048-1-git-send-email-adilger@dilger.ca
Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
fs/ext4/mmp.c

index 1c44b1a320015d5eda08adffddd4aba47630817c..87f7551c5132ebeee4fc465fb8161af038329b80 100644 (file)
@@ -120,10 +120,10 @@ void __dump_mmp_msg(struct super_block *sb, struct mmp_struct *mmp,
 {
        __ext4_warning(sb, function, line, "%s", msg);
        __ext4_warning(sb, function, line,
-                      "MMP failure info: last update time: %llu, last update "
-                      "node: %s, last update device: %s",
-                      (long long unsigned int) le64_to_cpu(mmp->mmp_time),
-                      mmp->mmp_nodename, mmp->mmp_bdevname);
+                      "MMP failure info: last update time: %llu, last update node: %.*s, last update device: %.*s",
+                      (unsigned long long)le64_to_cpu(mmp->mmp_time),
+                      (int)sizeof(mmp->mmp_nodename), mmp->mmp_nodename,
+                      (int)sizeof(mmp->mmp_bdevname), mmp->mmp_bdevname);
 }
 
 /*
@@ -154,6 +154,7 @@ static int kmmpd(void *data)
        mmp_check_interval = max(EXT4_MMP_CHECK_MULT * mmp_update_interval,
                                 EXT4_MMP_MIN_CHECK_INTERVAL);
        mmp->mmp_check_interval = cpu_to_le16(mmp_check_interval);
+       BUILD_BUG_ON(sizeof(mmp->mmp_bdevname) < BDEVNAME_SIZE);
        bdevname(bh->b_bdev, mmp->mmp_bdevname);
 
        memcpy(mmp->mmp_nodename, init_utsname()->nodename,
@@ -379,7 +380,8 @@ skip:
        /*
         * Start a kernel thread to update the MMP block periodically.
         */
-       EXT4_SB(sb)->s_mmp_tsk = kthread_run(kmmpd, mmpd_data, "kmmpd-%s",
+       EXT4_SB(sb)->s_mmp_tsk = kthread_run(kmmpd, mmpd_data, "kmmpd-%.*s",
+                                            (int)sizeof(mmp->mmp_bdevname),
                                             bdevname(bh->b_bdev,
                                                      mmp->mmp_bdevname));
        if (IS_ERR(EXT4_SB(sb)->s_mmp_tsk)) {