Mitigate Baron SameEdit (CVE-2021-3156) vulnerability 
centos 7
centos 7
obsolete weakness #283
Weakness Breakdown
Definition:
An obsolete weakness occurs when someone uses deprecated or obsolete functions when building a system. As a programming language evolves, some functions occasionally become obsolete.
Warning code(s):
This C routine is considered obsolete.
File Name:
libqb-1.0.1/tests/rbreader.c
Context:
The highlighted line of code below is the trigger point of this particular Centos 7 obsolete weakness.
int32_t main(int32_t argc, char *argv[])
{
ssize_t num_read;
signal(SIGINT, sigterm_handler);
qb_log_init("rbreader", LOG_USER, LOG_EMERG);
qb_log_ctl(QB_LOG_SYSLOG, QB_LOG_CONF_ENABLED, QB_FALSE);
qb_log_filter_ctl(QB_LOG_STDERR, QB_LOG_FILTER_ADD,
QB_LOG_FILTER_FILE, "*", LOG_TRACE);
qb_log_ctl(QB_LOG_STDERR, QB_LOG_CONF_ENABLED, QB_TRUE);
rb = qb_rb_open("tester", ONE_MEG * 3,
QB_RB_FLAG_SHARED_PROCESS |
QB_RB_FLAG_CREATE, 0);
if (rb == NULL) {
qb_perror(LOG_ERR, "failed to create ringbuffer");
return -1;
}
while (keep_reading) {
num_read = qb_rb_chunk_read(rb, buffer,
ONE_MEG, 0);
if (num_read == -ETIMEDOUT) {
usleep(100000);
} else if (num_read < 0) {
errno = -num_read;
qb_perror(LOG_ERR, "nothing to read");
}
}
qb_rb_close(rb);
return 0;
} Products
Resources
The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a worldwide basis.
© 2020 Polyverse