]> granicus.if.org Git - procps-ng/commit
projects / procps-ng / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bf12b14) | patch
proc/slab.h: Fix off-by-one overflow in sscanf().
authorQualys Security Advisory <qsa@qualys.com>
Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committerCraig Small <csmall@enc.com.au>
Fri, 18 May 2018 21:32:21 +0000 (07:32 +1000)
commit3ccc6ed2620d7f5103041a71d9894315a851e055
tree9dd3b78e22636f0f6f4192bf7b44ea541c76cd1ctree | snapshot
parentbf12b14db9f35a0cf24459bfb5b59ce541de802dcommit | diff
proc/slab.h: Fix off-by-one overflow in sscanf().

In proc/slab.c, functions parse_slabinfo20() and parse_slabinfo11(),
sscanf() might overflow curr->name, because "String input conversions
store a terminating null byte ('\0') to mark the end of the input; the
maximum field width does not include this terminator."

Add one byte to name[] for this terminator.
proc/slab.h diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.