validate uuid->size in ocf_volume_init

Optional uuid parameter to ocf_volume_init() points to UUID object initialized by the user. We should verify it is not excesively large as we attempt to allocate a buffer to store a copy of the UUID. Signed-off-by: Adam Rutkowski <adam.j.rutkowski@intel.com>
2022-06-27 14:49:38 +02:00 · 2022-06-27 14:49:38 +02:00 · 5a71f7c068
commit 5a71f7c068
parent 364e36ec7e
1 changed files with 3 additions and 0 deletions
--- a/src/ocf_volume.c
+++ b/src/ocf_volume.c
@ -93,6 +93,9 @@ int ocf_volume_init(ocf_volume_t volume, ocf_volume_type_t type,
 	if (!volume || !type)
 		return -OCF_ERR_INVAL;

+	if (uuid && uuid->size > OCF_VOLUME_UUID_MAX_SIZE)
+		return -OCF_ERR_INVAL;
+
 	priv_size = type->properties->volume_priv_size;
 	volume->priv = env_zalloc(priv_size, ENV_MEM_NORMAL);
 	if (!volume->priv)