git.ipfire.org Git - thirdparty/mdadm.git/commit

author	Nigel Croxon <ncroxon@redhat.com>
	Thu, 14 Oct 2021 16:02:00 +0000 (12:02 -0400)
committer	Jes Sorensen <jsorensen@fb.com>
	Tue, 19 Oct 2021 06:57:43 +0000 (02:57 -0400)
commit	1c66260df6664a5751644cbfc6ab9dcadf1d90c1
tree	954ec236d6d48d0eddfe3acf550c3ba2d8101fbd	tree \| snapshot
parent	d64a37b9bf4609444161a73cf8a48b17684b0229	commit \| diff

Fix 2 dc stream buffer

To meet requirements of Common Criteria certification vulnerablility
assessment. Static code analysis has been run and found the following
Error: DC.STREAM_BUFFER (CWE-120): [#def46]
mdadm-4.2: dont_call: "fscanf" assumes an arbitrarily
long string, so callers must use correct precision specifiers or
never use "fscanf".

The change is to define a value for string %s.

V2: Tighten the value in policy.c to match the limit of the metadata.
Add a change to policy_save_path() to use correct precision on the
fscanf call.

Signed-off-by: Nigel Croxon <ncroxon@redhat.com>
Signed-off-by: Jes Sorensen <jsorensen@fb.com>

Monitor.c		diff \| blob \| blame \| history
policy.c		diff \| blob \| blame \| history