[lttng-dev] [PATCH lttng-tools] Fix: Properly sanitize input parameter
Yannick Lamarre
ylamarre at efficios.com
Tue Mar 26 14:21:23 EDT 2019
The lttng client uses the sizeof the containing buffer for input string
sanitation instead of libc defined macro.
Signed-off-by: Yannick Lamarre <ylamarre at efficios.com>
---
lttng-enable_channel was improperly verifying user input and wrongly rejected
valid input.
src/bin/lttng/commands/enable_channels.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/bin/lttng/commands/enable_channels.c b/src/bin/lttng/commands/enable_channels.c
index b4e2942c..5e314d9b 100644
--- a/src/bin/lttng/commands/enable_channels.c
+++ b/src/bin/lttng/commands/enable_channels.c
@@ -244,7 +244,7 @@ static int enable_channel(char *session_name)
void *extended_ptr;
/* Validate channel name's length */
- if (strlen(channel_name) >= NAME_MAX) {
+ if (strlen(channel_name) > sizeof(chan_opts.name) - 1) {
ERR("Channel name is too long (max. %zu characters)",
sizeof(chan_opts.name) - 1);
error = 1;
--
2.11.0
More information about the lttng-dev
mailing list