Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cnid_dbd: Set explicit max length of db_params to prevent buffer overflow #1513

Merged
merged 1 commit into from
Sep 22, 2024
Merged

cnid_dbd: Set explicit max length of db_params to prevent buffer overflow #1513

merged 1 commit into from
Sep 22, 2024

Conversation

rdmark
Copy link
Member

@rdmark rdmark commented Sep 22, 2024
edited
Loading

Security vulnerability flagged by Sonarcloud and picked up by GitHub.

https://github.com/Netatalk/netatalk/security/code-scanning/2

@rdmark rdmark linked an issue Sep 22, 2024 that may be closed by this pull request
Address security issues raised by SonarCloud #694
Closed
@rdmark
Copy link
Member Author

rdmark commented Sep 22, 2024
edited
Loading

Tested that each type of db_param can be parsed properly:

Sep 22 17:11:14 alien cnid_dbd[1378150]: db_param: read key:logfile_autoremove val:0
Sep 22 17:11:14 alien cnid_dbd[1378150]: db_param: setting logfile_autoremove to 0
Sep 22 17:11:14 alien cnid_dbd[1378150]: db_param: read key:cachesize val:10000
Sep 22 17:11:14 alien cnid_dbd[1378150]: db_param: setting cachesize to 10000
Sep 22 17:11:14 alien cnid_dbd[1378150]: db_param: read key:flush_frequency val:600
Sep 22 17:11:14 alien cnid_dbd[1378150]: db_param: setting flush_frequency to 600
Sep 22 17:11:14 alien cnid_dbd[1378150]: db_param: read key:flush_interval val:800
Sep 22 17:11:14 alien cnid_dbd[1378150]: db_param: setting flush_interval to 800
Sep 22 17:11:14 alien cnid_dbd[1378150]: db_param: read key:fd_table_size val:1024
Sep 22 17:11:14 alien cnid_dbd[1378150]: db_param: setting max number of concurrent afpd connections per volume (fd_table_size) to 1024
Sep 22 17:11:14 alien cnid_dbd[1378150]: db_param: read key:idle_timeout val:200
Sep 22 17:11:14 alien cnid_dbd[1378150]: db_param: setting idle timeout to 200

@rdmark rdmark force-pushed the 694-address-security-issues-raised-by-sonarcloud branch from a2b07bb to c2a19a6 Compare September 22, 2024 08:19
@rdmark rdmark marked this pull request as ready for review September 22, 2024 08:19
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Sep 22, 2024

Quality Gate Failed Quality Gate failed

Failed conditions
E Maintainability Rating on New Code (required ≥ A)

See analysis details on SonarCloud

Catch issues before they fail your Quality Gate with our IDE extension SonarLint

@rdmark
Copy link
Member Author

rdmark commented Sep 22, 2024

The Sonar detected bug is not new, but rather a long-standing one that was unearthed here. Will address in the future.

@rdmark rdmark mentioned this pull request Sep 22, 2024
Closed
@rdmark rdmark merged commit 2ec9a87 into main Sep 22, 2024
14 of 15 checks passed
@rdmark rdmark deleted the 694-address-security-issues-raised-by-sonarcloud branch September 22, 2024 08:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Address security issues raised by SonarCloud
1 participant
@rdmark