From 836a56a956f252935dd2ed4908aab57e1a95ccaf Mon Sep 17 00:00:00 2001
From: Stelios Fragkakis <52996999+stelfrag@users.noreply.github.com>
Date: Wed, 10 May 2023 12:57:04 +0300
Subject: Adjust buffers to prevent overflow (#15025)

* Adjust buffers to prevent overflow
* Adjust strncat parameter to prevent buffer overflow
---
 collectors/cgroups.plugin/sys_fs_cgroup.c | 4 ++--
 collectors/proc.plugin/proc_diskstats.c | 8 ++++----
 database/rrdset.c | 2 +-
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/collectors/cgroups.plugin/sys_fs_cgroup.c b/collectors/cgroups.plugin/sys_fs_cgroup.c
index 007d4245b8..d9049b2fab 100644
--- a/collectors/cgroups.plugin/sys_fs_cgroup.c
+++ b/collectors/cgroups.plugin/sys_fs_cgroup.c
@@ -1952,7 +1952,7 @@ static void is_cgroup_procs_exist(netdata_ebpf_cgroup_shm_body_t *out, char *id)
 }
 static inline void convert_cgroup_to_systemd_service(struct cgroup *cg) {
- char buffer[CGROUP_CHARTID_LINE_MAX];
+ char buffer[CGROUP_CHARTID_LINE_MAX + 1];
 cg->options |= CGROUP_OPTIONS_SYSTEM_SLICE_SERVICE;
 strncpyz(buffer, cg->id, CGROUP_CHARTID_LINE_MAX);
 char *s = buffer;
@@ -2607,7 +2607,7 @@ static inline void discovery_process_first_time_seen_cgroup(struct cgroup *cg) {
 }
 cg->first_time_seen = 0;
- char comm[TASK_COMM_LEN];
+ char comm[TASK_COMM_LEN + 1];
 if (cg->container_orchestrator == CGROUPS_ORCHESTRATOR_UNSET) {
 if (strstr(cg->id, "kubepods")) {
diff --git a/collectors/proc.plugin/proc_diskstats.c b/collectors/proc.plugin/proc_diskstats.c
index 2a4fe4f8c2..09c6498e3b 100644
--- a/collectors/proc.plugin/proc_diskstats.c
+++ b/collectors/proc.plugin/proc_diskstats.c
@@ -348,7 +348,7 @@ static inline int get_disk_name_from_path(const char *path, char *result, size_t
 int found = 0, preferred = 0;
- char *first_result = mallocz(result_size);
+ char *first_result = mallocz(result_size + 1);
 DIR *dir = opendir(path);
 if (!dir) {
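Review bot: In `convert_cgroup_to_systemd_service` (sys_fs_cgroup.c) the array size and the copy length are still two independent uses of `CGROUP_CHARTID_LINE_MAX`, so the off-by-one fixed here can return if either is edited alone. Assuming `strncpyz` copies up to n bytes and then writes the terminator, which is what the added `+ 1` implies, `strncpyz(buffer, cg->id, sizeof(buffer) - 1);` ties the bound to the buffer itself. The same applies to `comm[TASK_COMM_LEN + 1]` in `discovery_process_first_time_seen_cgroup`, where the use of `comm` lies outside the hunk. Both function bodies continue past the lines shown.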
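Review bot: `get_disk_name_from_path` (proc_diskstats.c) now allocates `result_size + 1` bytes for `first_result`, but nothing states whether `result_size` means the capacity of `result` or the maximum string length. The caller `get_disk_name` compensates separately by growing its array to `FILENAME_MAX + 2` while still passing `FILENAME_MAX + 1`, so any other caller that passes `sizeof(buffer)` would presumably still be written one byte past the end. I would add a comment above the function, `// result must have room for result_size + 1 bytes (result_size characters plus the terminator)`, or preferably bound the copies inside with `result_size - 1` so callers can pass the real buffer size. The function body lies outside the hunk, so this is inferred from the two size changes.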
@@ -454,7 +454,7 @@ failed:
 }
 static inline char *get_disk_name(unsigned long major, unsigned long minor, char *disk) {
- char result[FILENAME_MAX + 1] = "";
+ char result[FILENAME_MAX + 2] = "";
 if(!path_to_device_mapper || !*path_to_device_mapper || !get_disk_name_from_path(path_to_device_mapper, result, FILENAME_MAX + 1, major, minor, disk, NULL, 0))
 if(!path_to_device_label || !*path_to_device_label || !get_disk_name_from_path(path_to_device_label, result, FILENAME_MAX + 1, major, minor, disk, NULL, 0))
@@ -615,8 +615,8 @@ static struct disk *get_disk(unsigned long major, unsigned long minor, char *dis
 // read device uuid if it is an LVM volume
 if (!strncmp(d->device, "dm-", 3)) {
 char uuid_filename[FILENAME_MAX + 1];
- snprintfz(uuid_filename, FILENAME_MAX, path_to_sys_devices_virtual_block_device, disk);
- strncat(uuid_filename, "/dm/uuid", FILENAME_MAX);
+ int size = snprintfz(uuid_filename, FILENAME_MAX, path_to_sys_devices_virtual_block_device, disk);
+ strncat(uuid_filename, "/dm/uuid", FILENAME_MAX - size);
 char device_uuid[RRD_ID_LENGTH_MAX + 1];
 if (!read_file(uuid_filename, device_uuid, RRD_ID_LENGTH_MAX) && !strncmp(device_uuid, "LVM-", 4)) {
diff --git a/database/rrdset.c b/database/rrdset.c
index 2843bb3305..3177f43ff4 100644
--- a/database/rrdset.c
+++ b/database/rrdset.c
@@ -2207,7 +2207,7 @@ bool rrdset_memory_load_or_create_map_save(RRDSET *st, RRD_MEMORY_MODE memory_mo
 memset(st_on_file, 0, size);
 // set the values we need
- strncpyz(st_on_file->id, rrdset_id(st), RRD_ID_LENGTH_MAX_V019 + 1);
+ strncpyz(st_on_file->id, rrdset_id(st), RRD_ID_LENGTH_MAX_V019);
 strcpy(st_on_file->cache_filename, fullfilename);
 strcpy(st_on_file->magic, RRDSET_MAGIC_V019);
 st_on_file->memsize = size;
--
cgit v1.2.3
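Review bot: In `get_disk` (proc_diskstats.c) the new bound `FILENAME_MAX - size` is only correct if `snprintfz` returns the number of bytes actually stored. `size` is an `int` and the difference is converted to `size_t` for `strncat`, so a return value above `FILENAME_MAX` (an untruncated length) or a negative one would become a very large limit. Even when the bound holds, a truncated path is passed on to `read_file` without any check. Deriving the room from the buffer, `size_t used = strlen(uuid_filename);` then `strncat(uuid_filename, "/dm/uuid", sizeof(uuid_filename) - used - 1);`, does not depend on the return convention. `get_disk` starts and ends outside the hunk.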
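Review bot: In `rrdset_memory_load_or_create_map_save` (rrdset.c) the two `strcpy` calls directly after the corrected `strncpyz` remain unbounded. `strcpy(st_on_file->cache_filename, fullfilename);` relies on `fullfilename` never exceeding the destination field, and neither size is visible here. If `cache_filename` is a fixed array in the on-disk struct, `strncpyz(st_on_file->cache_filename, fullfilename, sizeof(st_on_file->cache_filename) - 1);` would give it the same protection as `id`. The function continues outside the hunk.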