From dba81543259bbb4b590918477156dfb68812dd8a Mon Sep 17 00:00:00 2001 From: Amar Tumballi Date: Tue, 21 Aug 2018 19:33:08 +0530 Subject: [PATCH 356/359] io-stats: sanitize the dump path further In the previous patch, while addressing the comment on review, a "/" at the end of the "/var/run/gluster" directory was missed out. Also noticed that the logic to convert the '/' to '-' for sanity of the path needed to change. Testing: Ran the tests which marked the bug as FailedQA, and also validated the originally reported issue, and now we see a specific log when not so clean path is given as the value to this xattr. BUG: 1605086 Change-Id: Ia8397ecd5841a72d0daca0106557e1226c293e35 Signed-off-by: Amar Tumballi Reviewed-on: https://code.engineering.redhat.com/gerrit/147644 Reviewed-by: Vijay Bellur Reviewed-by: Atin Mukherjee Tested-by: Atin Mukherjee --- xlators/debug/io-stats/src/io-stats.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/xlators/debug/io-stats/src/io-stats.c b/xlators/debug/io-stats/src/io-stats.c index 868890f..16a11df 100644 --- a/xlators/debug/io-stats/src/io-stats.c +++ b/xlators/debug/io-stats/src/io-stats.c @@ -3014,7 +3014,7 @@ conditional_dump (dict_t *dict, char *key, data_t *value, void *data) char *filename = NULL; FILE *logfp = NULL; struct ios_dump_args args = {0}; - int pid, namelen; + int pid, namelen, dirlen; char dump_key[100]; char *slash_ptr = NULL; char *path_in_value = NULL; @@ -3039,16 +3039,17 @@ conditional_dump (dict_t *dict, char *key, data_t *value, void *data) "%s: no \"../\" allowed in path", path_in_value); return -1; } - namelen = (strlen (IOS_STATS_DUMP_DIR) + value->len + - strlen (this->name) + 2); /* '.' and '\0' */ + dirlen = strlen (IOS_STATS_DUMP_DIR); + namelen = (dirlen + value->len + strlen (this->name) + 3); + /* +3 for '/', '.' and '\0' added in snprintf below*/ filename = alloca0 (namelen); - snprintf (filename, namelen, "%s%s.%s", IOS_STATS_DUMP_DIR, + snprintf (filename, namelen, "%s/%s.%s", IOS_STATS_DUMP_DIR, path_in_value, this->name); /* convert any slashes to '-' so that fopen works correctly */ - slash_ptr = strchr (filename + value->len + 1, '/'); + slash_ptr = strchr (filename + dirlen + 1, '/'); while (slash_ptr) { *slash_ptr = '-'; slash_ptr = strchr (slash_ptr, '/'); -- 1.8.3.1