From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <cluster-cvs-return-7351-listarch-cluster-cvs=sources.redhat.com@sourceware.org>
Received: (qmail 424 invoked by alias); 24 Oct 2007 05:55:07 -0000
Received: (qmail 396 invoked by uid 9610); 24 Oct 2007 05:55:07 -0000
Date: Wed, 24 Oct 2007 05:55:00 -0000
Message-ID: <20071024055507.395.qmail@sourceware.org>
From: rmccabe@sourceware.org
To: cluster-cvs@sources.redhat.com
Subject: cluster/cman/daemon cmanccs.c
Mailing-List: contact cluster-cvs-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <cluster-cvs.sourceware.org>
List-Subscribe: <mailto:cluster-cvs-subscribe@sourceware.org>
List-Post: <mailto:cluster-cvs@sourceware.org>
List-Help: <mailto:cluster-cvs-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: cluster-cvs-owner@sourceware.org
X-SW-Source: 2007-q4/txt/msg00097.txt.bz2

CVSROOT:	/cvs/cluster
Module name:	cluster
Changes by:	rmccabe@sourceware.org	2007-10-24 05:55:07

Modified files:
	cman/daemon    : cmanccs.c 

Log message:
	- Fix unsafe string handling:
	- replace memset(s,c,n);sprintf(s,...); with snprintf with proper error checking
	- don't overflow the stack if the cluster name specified in the env var is too long
	- don't overflow the stack if the local nodename from uname(2) is too long
	- don't overflow the stack if the local nodename specified in the env var is too long
	
	- Don't leak the ccs descriptor in get_ccs_join_info() on errors

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/cluster/cman/daemon/cmanccs.c.diff?cvsroot=cluster&r1=1.34&r2=1.35