Give strlcat() full buffer lengths rather than smaller buffer lengths
strlcat() is supposed to be given the length of the destination buffer,
including the existing contents. Unfortunately, I had been overzealous
when I wrote a51288aabb
, since I gave it
the length of the destination buffer, minus the existing contents. This
likely caused a regression on large strings.
On the topic of being overzealous, the use of strlcat() in
dmu_send_estimate_fast() was unnecessary because recv_clone_name is a
fixed length string. We continue using strlcat() mostly as defensive
programming, in case the string length is ever changed, even though it
is unnecessary.
Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Richard Yao <richard.yao@alumni.stonybrook.edu>
Closes #14476
This commit is contained in:
parent
cfd57573ff
commit
ab672133a9
|
@ -97,7 +97,7 @@ nfs_init_tmpfile(const char *prefix, const char *mdir, struct tmpfile *tmpf)
|
||||||
}
|
}
|
||||||
|
|
||||||
strlcpy(tmpf->name, prefix, sizeof (tmpf->name));
|
strlcpy(tmpf->name, prefix, sizeof (tmpf->name));
|
||||||
strlcat(tmpf->name, ".XXXXXXXX", sizeof (tmpf->name) - strlen(prefix));
|
strlcat(tmpf->name, ".XXXXXXXX", sizeof (tmpf->name));
|
||||||
|
|
||||||
int fd = mkostemp(tmpf->name, O_CLOEXEC);
|
int fd = mkostemp(tmpf->name, O_CLOEXEC);
|
||||||
if (fd == -1) {
|
if (fd == -1) {
|
||||||
|
|
|
@ -4590,7 +4590,7 @@ zfs_receive_one(libzfs_handle_t *hdl, int infd, const char *tosnap,
|
||||||
B_FALSE, destsnap) == 0) {
|
B_FALSE, destsnap) == 0) {
|
||||||
*strchr(destsnap, '@') = '\0';
|
*strchr(destsnap, '@') = '\0';
|
||||||
(void) strlcat(destsnap, suffix,
|
(void) strlcat(destsnap, suffix,
|
||||||
sizeof (destsnap) - strlen(destsnap));
|
sizeof (destsnap));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
@ -4626,7 +4626,7 @@ zfs_receive_one(libzfs_handle_t *hdl, int infd, const char *tosnap,
|
||||||
B_FALSE, destsnap) == 0) {
|
B_FALSE, destsnap) == 0) {
|
||||||
*strchr(destsnap, '@') = '\0';
|
*strchr(destsnap, '@') = '\0';
|
||||||
(void) strlcat(destsnap, snap,
|
(void) strlcat(destsnap, snap,
|
||||||
sizeof (destsnap) - strlen(destsnap));
|
sizeof (destsnap));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -3029,8 +3029,7 @@ dmu_send_estimate_fast(dsl_dataset_t *origds, dsl_dataset_t *fromds,
|
||||||
|
|
||||||
dsl_dataset_name(origds, dsname);
|
dsl_dataset_name(origds, dsname);
|
||||||
(void) strcat(dsname, "/");
|
(void) strcat(dsname, "/");
|
||||||
(void) strlcat(dsname, recv_clone_name,
|
(void) strlcat(dsname, recv_clone_name, sizeof (dsname));
|
||||||
sizeof (dsname) - strlen(dsname));
|
|
||||||
|
|
||||||
err = dsl_dataset_hold(origds->ds_dir->dd_pool,
|
err = dsl_dataset_hold(origds->ds_dir->dd_pool,
|
||||||
dsname, FTAG, &ds);
|
dsname, FTAG, &ds);
|
||||||
|
|
Loading…
Reference in New Issue