From e18ba4731d625435ec075fbd6f4eb0f3e325d3d4 Mon Sep 17 00:00:00 2001 From: Christophe Grenier Date: Tue, 8 May 2012 15:06:56 +0200 Subject: [PATCH] Avoid a buffer overflow in Linux Raid information reporting --- src/md.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/md.c b/src/md.c index 02a896e3..9b30c8b6 100644 --- a/src/md.c +++ b/src/md.c @@ -284,7 +284,7 @@ static int set_MD_info(const struct mdp_superblock_s *sb, partition_t *partition if (le16(sb1->dev_roles[i-1]) != 0xffff) break; strcat(partition->info, " ("); - for (d=0; d < i && strlen(partition->info) < sizeof(partition->info) - 7; d++) + for (d=0; d < i && strlen(partition->info) < sizeof(partition->info) - 9; d++) { const int role = le16(sb1->dev_roles[d]); if (d) @@ -347,7 +347,7 @@ static int set_MD_info_be(const struct mdp_superblock_s *sb, partition_t *partit if (be16(sb1->dev_roles[i-1]) != 0xffff) break; strcat(partition->info, " ("); - for (d=0; d < i && strlen(partition->info) < sizeof(partition->info) - 7; d++) + for (d=0; d < i && strlen(partition->info) < sizeof(partition->info) - 9; d++) { const int role = be16(sb1->dev_roles[d]); if (d)