Hi Rahul, Please see inline
On Mon, Jan 21, 2013 at 12:24 PM, rahul <[email protected]> wrote: > Guys, > > I see few problems with the function idbm_recinfo_config(). Can > someone please take a look and confirm ? > > void idbm_recinfo_config(recinfo_t *info, FILE *f) > { > char name[NAME_MAXVAL]; > char value[VALUE_MAXVAL]; > char *line, *nl, buffer[2048]; > int line_number = 0; > int c = 0, i; > > fseek(f, 0, SEEK_SET); > > /* process the config file */ > do { > line = fgets(buffer, sizeof (buffer), f); > line_number++; > if (!line) > continue; > > nl = line + strlen(line) - 1; > if (*nl != '\n') { > log_warning("Config file line %d too long.", > line_number); > continue; > } > > Here, if the line is too long that it cannot fit into the buffer, > shouldn't we need to ignore the rest of the line ? > > I dont see anything worng here fgets reads either till end of line or till given size. Refer to link http://pubs.opengroup.org/onlinepubs/007904875/functions/fgets.html The fgets() function shall read bytes from stream into the array pointed to by s, until n-1 bytes are read, or a <newline> is read and transferred to s, or an end-of-file condition is encountered. The string is then terminated with a null byte. > > > Secondly, while reading the "name", we do not check for the array size. > /* parse name */ > i=0; nl = line; *name = 0; > while (*nl && !isspace(c = *nl) && *nl != '=') { > *(name+i) = *nl; i++; nl++; <<< we may go beyond end of > array "name". > } > > Similarly, we can go beyond end of array "value". > while (*nl) { > *(value+i) = *nl; i++; nl++; > } > > > thanks, > rahul > > > -- > You received this message because you are subscribed to the Google Groups > "open-iscsi" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/open-iscsi/-/f3nnefBafawJ. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/open-iscsi?hl=en. > -- Regards Manish Kumar Singh Member Technical Staff Chelsio (India) Private Limited Subramanya Arcade, Floor 3, Tower B No. 12, Bannerghatta Road, Bangalore-560076 Karnataka, India T: +1-91-80-4039-6800 Ext. 2234 -- You received this message because you are subscribed to the Google Groups "open-iscsi" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/open-iscsi?hl=en.
