[pgpool-hackers: 108] Reviewing watchdog source code
Tatsuo Ishii
ishii at postgresql.org
Fri Aug 17 12:03:20 JST 2012
Hi,
I took a look at the watchdog/ source code and found some issues:
1) unsafe usage of sprintf()
Example: in watchdog.c
char path[128];
char cmd[128];
:
:
sprintf(path,"%s/%s",pool_config->ifconfig_path,cmd);
If the string length of pool_config->ifconfig_path plus cmd is greater
than 127, either a non-null-terminated string will be created or
a buffer overrun problem will occur.
I think we should avoid using sprintf(), and should use snprintf().
2) Unsafe use of strncpy()
In wd_if.c:
strncpy(buf,command,sizeof(buf));
If the string length of command is greater than or equal to
sizeof(buf), the copied string in buf will not be null terminated.
I recommend using strlcpy() instead, or changing the line to:
strncpy(buf,command,sizeof(buf)-1);
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese: http://www.sraoss.co.jp
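
An added example, not part of the original post and not pgpool-II source code, of the two changes discussed above: a bounded path join with snprintf() that checks the return value for truncation, and a bounded copy that always terminates the destination. The helper names build_cmd_path and copy_command and the buffer sizes are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: build "<dir>/<cmd>" in dst.
 * Returns 0 on success, -1 if the result does not fit in dstsize bytes. */
static int build_cmd_path(char *dst, size_t dstsize,
                          const char *dir, const char *cmd)
{
    int n;

    if (dstsize == 0)
        return -1;
    n = snprintf(dst, dstsize, "%s/%s", dir, cmd);
    if (n < 0 || (size_t) n >= dstsize)
    {
        /* A truncated path may name a different file; do not use it. */
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

/* Hypothetical helper: bounded copy that always NUL-terminates dst.
 * Returns 0 if src fit completely, -1 if it was truncated. */
static int copy_command(char *dst, size_t dstsize, const char *src)
{
    size_t len = strlen(src);

    if (dstsize == 0)
        return -1;
    if (len >= dstsize)
    {
        memcpy(dst, src, dstsize - 1);
        dst[dstsize - 1] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);
    return 0;
}

int main(void)
{
    char path[16];   /* constructed sizes, small so truncation is visible */
    char buf[8];

    printf("%d\n", build_cmd_path(path, sizeof(path), "/usr/local/sbin", "ifconfig"));
    printf("%d \"%s\"\n", copy_command(buf, sizeof(buf), "ifconfig_long"), buf);
    return 0;
}
```

Callers should treat the -1 return as an error and not run the command, since a silently shortened path or command line is not the one that was configured.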