[
https://issues.apache.org/jira/browse/YARN-7455?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16273622#comment-16273622
]
Jim Brennan commented on YARN-7455:
-----------------------------------
Thanks for the suggestions. Using snprintf to calculate the size is great idea
- definitely more maintainable. I will rework and submit a new patch.
Manually writing the NUL is just paranoia - I agree it is not necessary in this
case.
> quote_and_append_arg can overflow buffer
> ----------------------------------------
>
> Key: YARN-7455
> URL: https://issues.apache.org/jira/browse/YARN-7455
> Project: Hadoop YARN
> Issue Type: Bug
> Components: nodemanager
> Affects Versions: 2.9.0, 3.0.0
> Reporter: Jason Lowe
> Assignee: Jim Brennan
> Attachments: YARN-7455.001.patch, YARN-7455.002.patch
>
>
> While reviewing YARN-7197 I noticed that add_mounts in docker_util.c has a
> potential buffer overflow since tmp_buffer is only 1024 bytes which may not
> be sufficient to hold the specified mount path.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org
