[Openais] patch for buffer overflow in clm.c:my_cluster_node_load
Steven Dake
sdake at redhat.com
Wed Feb 18 01:36:13 PST 2009
On Wed, 2009-02-18 at 10:31 +0100, Lars Marowsky-Bree wrote:
> On 2009-02-17T22:47:28, Steven Dake <sdake at redhat.com> wrote:
>
> > IMO the bugzilla should never result in a buffer overflow and points at
> > a problem is totempg_ifaces_get. I put some data in the bugzilla which
> > I'd like collected if possible.
> >
> > Maybe it can help us get to the root cause of the problem instead of
> > hacking around it with this patch.
>
> Getting to the root cause surely is appreciated, yet still, using
> snprintf() + error checking seems like a good idea too?
>
>
yes but I am hesitant to put a patch in the source that masks a real
problem. Once we sort out the root cause, we can address the buffer
overflow.
Regards
-steve
> Regards,
> Lars
>
More information about the Openais
mailing list