util-linux/backport-lslocks-fix-buffer-overflow.patch

From fcb83efb61c7898fa2ef20e010bf760278ec6746 Mon Sep 17 00:00:00 2001
From: Karel Zak <kzak@redhat.com>
Date: Thu, 29 Feb 2024 20:43:35 +0100
Subject: [PATCH] lslocks: fix buffer overflow

* don't use memset() to init variables
* use xreaddir() to reduce code
* use ssize_t for readlinkat() return value to avoid buffer overflow

Signed-off-by: Karel Zak <kzak@redhat.com>
(cherry picked from commit f030775ffeaa8627c88434f7d0cba1a454aa0ffa)
Reference:https://github.com/util-linux/util-linux/commit/fcb83efb61c7898fa2ef20e010bf760278ec6746
Conflict:context adapt
---
 misc-utils/lslocks.c | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/misc-utils/lslocks.c b/misc-utils/lslocks.c
index caca13f..a2d634a 100644
--- a/misc-utils/lslocks.c
+++ b/misc-utils/lslocks.c
@@ -45,6 +45,7 @@
 #include "closestream.h"
 #include "optutils.h"
 #include "procfs.h"
+#include "fileutils.h"
 
 /* column IDs */
 enum {
@@ -170,13 +171,12 @@ static char *get_filename_sz(ino_t inode, pid_t lock_pid, size_t *size)
 	struct stat sb;
 	struct dirent *dp;
 	DIR *dirp;
-	size_t len;
+	size_t sz;
 	int fd;
-	char path[PATH_MAX], sym[PATH_MAX], *ret = NULL;
+	char path[PATH_MAX] = { 0 },
+	     sym[PATH_MAX] = { 0 }, *ret = NULL;
 
 	*size = 0;
-	memset(path, 0, sizeof(path));
-	memset(sym, 0, sizeof(sym));
 
 	/*
 	 * We know the pid so we don't have to
@@ -187,16 +187,14 @@ static char *get_filename_sz(ino_t inode, pid_t lock_pid, size_t *size)
 	if (!(dirp = opendir(path)))
 		return NULL;
 
-	if ((len = strlen(path)) >= (sizeof(path) - 2))
+	if ((sz = strlen(path)) >= (sizeof(path) - 2))
 		goto out;
 
 	if ((fd = dirfd(dirp)) < 0 )
 		goto out;
 
-	while ((dp = readdir(dirp))) {
-		if (!strcmp(dp->d_name, ".") ||
-		    !strcmp(dp->d_name, ".."))
-			continue;
+	while ((dp = xreaddir(dirp))) {
+		ssize_t len;
 
 		errno = 0;
 
-- 
2.33.0
sync patches from the old version 2024-12-16 02:37:59 +00:00			`From fcb83efb61c7898fa2ef20e010bf760278ec6746 Mon Sep 17 00:00:00 2001`
			`From: Karel Zak <kzak@redhat.com>`
			`Date: Thu, 29 Feb 2024 20:43:35 +0100`
			`Subject: [PATCH] lslocks: fix buffer overflow`

			`* don't use memset() to init variables`
			`* use xreaddir() to reduce code`
			`* use ssize_t for readlinkat() return value to avoid buffer overflow`

			`Signed-off-by: Karel Zak <kzak@redhat.com>`
			`(cherry picked from commit f030775ffeaa8627c88434f7d0cba1a454aa0ffa)`
			`Reference:https://github.com/util-linux/util-linux/commit/fcb83efb61c7898fa2ef20e010bf760278ec6746`
			`Conflict:context adapt`
			`---`
			`misc-utils/lslocks.c \| 16 +++++++---------`
			`1 file changed, 7 insertions(+), 9 deletions(-)`

			`diff --git a/misc-utils/lslocks.c b/misc-utils/lslocks.c`
			`index caca13f..a2d634a 100644`
			`--- a/misc-utils/lslocks.c`
			`+++ b/misc-utils/lslocks.c`
			`@@ -45,6 +45,7 @@`
			`#include "closestream.h"`
			`#include "optutils.h"`
			`#include "procfs.h"`
			`+#include "fileutils.h"`

			`/* column IDs */`
			`enum {`
			`@@ -170,13 +171,12 @@ static char get_filename_sz(ino_t inode, pid_t lock_pid, size_t size)`
			`struct stat sb;`
			`struct dirent *dp;`
			`DIR *dirp;`
			`- size_t len;`
			`+ size_t sz;`
			`int fd;`
			`- char path[PATH_MAX], sym[PATH_MAX], *ret = NULL;`
			`+ char path[PATH_MAX] = { 0 },`
			`+ sym[PATH_MAX] = { 0 }, *ret = NULL;`

			`*size = 0;`
			`- memset(path, 0, sizeof(path));`
			`- memset(sym, 0, sizeof(sym));`

			`/*`
			`* We know the pid so we don't have to`
			`@@ -187,16 +187,14 @@ static char get_filename_sz(ino_t inode, pid_t lock_pid, size_t size)`
			`if (!(dirp = opendir(path)))`
			`return NULL;`

			`- if ((len = strlen(path)) >= (sizeof(path) - 2))`
			`+ if ((sz = strlen(path)) >= (sizeof(path) - 2))`
			`goto out;`

			`if ((fd = dirfd(dirp)) < 0 )`
			`goto out;`

			`- while ((dp = readdir(dirp))) {`
			`- if (!strcmp(dp->d_name, ".") \|\|`
			`- !strcmp(dp->d_name, ".."))`
			`- continue;`
			`+ while ((dp = xreaddir(dirp))) {`
			`+ ssize_t len;`

			`errno = 0;`

			`--`
			`2.33.0`