Hi Canh,
The function lgs_is_valid_filelength is being called and it is returning
SA_AIS_ERR_INVALID_PARAM when the length of the filename is greater then 255
characters.
Though tmpDNn is defined local, we are doing a copy of the values and not the
pointer. Hence the pointer will not be invalid.
Please let me know if I am missing anything here.
Thank you
Srinivas
From: Canh Truong [mailto:[email protected]]
Sent: Friday, December 8, 2017 4:21 PM
To: [opensaf:tickets] <[email protected]>
Subject: [opensaf:tickets] #2659 log: saflogger possible use of invalid pointer
Hi Srinivas,
1/ For longDN, file name may be greater 255 characters
2/ variable 'tmpDn' is defined in local and "saAisNameLend(tmpDn,
&logStreamName);" make put the local pointer to "logStreamName". So when
saflogger use "logStreamName", The pointer that was contained in
"logStreamName" may be invalid
_____
HYPERLINK
"https://urldefense.proofpoint.com/v2/url?u=https-3A__sourceforge.net_p_opensaf_tickets_2659_&d=DwMCAg&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=rU6x356sikQZSi7Ttc2DuiqAgbc0QIeANg72N5AllVc&m=QsKpZBXeQCVqfZYa0ImtdbpodqYBFbwllHpFr3Dxui0&s=3nPvg2F_gUC1qivzDxEFE_Sx32XdKPiy-EmCqdeR1EA&e="[tickets:#2659]
log: saflogger possible use of invalid pointer
Status: review
Milestone: 5.18.01
Created: Sun Oct 29, 2017 01:04 PM UTC by Johnny Lind
Last Updated: Fri Dec 08, 2017 10:29 AM UTC
Owner: Srinivas Siva Mangipudy
In case the option -a is given to saflogger with a application name longer than
256 characters and extended names are used, saAisNameLend takes a local stack
allocated char array "tmpDn" as argument and will store a pointer to the local
variable in the SaNameT argument making the SaNameT having invalid pointer
after the scope ends as tmpDn will be freed. The SaNameT variable is then later
used to open a log stream.
_____
Sent from sourceforge.net because you indicated interest in HYPERLINK
"https://urldefense.proofpoint.com/v2/url?u=https-3A__sourceforge.net_p_opensaf_tickets_2659_&d=DwMCAg&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=rU6x356sikQZSi7Ttc2DuiqAgbc0QIeANg72N5AllVc&m=QsKpZBXeQCVqfZYa0ImtdbpodqYBFbwllHpFr3Dxui0&s=3nPvg2F_gUC1qivzDxEFE_Sx32XdKPiy-EmCqdeR1EA&e="https://sourceforge.net/p/opensaf/tickets/2659/
To unsubscribe from further messages, please visit HYPERLINK
"https://urldefense.proofpoint.com/v2/url?u=https-3A__sourceforge.net_auth_subscriptions_&d=DwMCAg&c=RoP1YumCXCgaWHvlZYR8PZh8Bv7qIrMUB65eapI_JnE&r=rU6x356sikQZSi7Ttc2DuiqAgbc0QIeANg72N5AllVc&m=QsKpZBXeQCVqfZYa0ImtdbpodqYBFbwllHpFr3Dxui0&s=fRM3BQMYtjU-WnIIN6AUj5eqT79Ft4B3teqYr8jootI&e="https://sourceforge.net/auth/subscriptions/
---
** [tickets:#2659] log: saflogger possible use of invalid pointer**
**Status:** review
**Milestone:** 5.18.01
**Created:** Sun Oct 29, 2017 01:04 PM UTC by Johnny Lind
**Last Updated:** Fri Dec 08, 2017 10:51 AM UTC
**Owner:** Srinivas Siva Mangipudy
In case the option -a is given to saflogger with a application name longer than
256 characters and extended names are used, saAisNameLend takes a local stack
allocated char array "tmpDn" as argument and will store a pointer to the local
variable in the SaNameT argument making the SaNameT having invalid pointer
after the scope ends as tmpDn will be freed. The SaNameT variable is then later
used to open a log stream.
---
Sent from sourceforge.net because [email protected] is
subscribed to https://sourceforge.net/p/opensaf/tickets/
To unsubscribe from further messages, a project admin can change settings at
https://sourceforge.net/p/opensaf/admin/tickets/options. Or, if this is a
mailing list, you can unsubscribe from the mailing list.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Opensaf-tickets mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opensaf-tickets
