]> granicus.if.org Git - procps-ng/commit
projects / procps-ng / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0d9d0a5) | patch
pmap: Prevent buffer overflow in sscanf().
authorQualys Security Advisory <qsa@qualys.com>
Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committerCraig Small <csmall@enc.com.au>
Fri, 18 May 2018 21:32:22 +0000 (07:32 +1000)
commit62de3a2aa73521758f34ce147177be0ddada0bab
tree417c1ee0c50f8d72fb10beb5d7349e2621adce7etree | snapshot
parent0d9d0a5206906a116820e15b869f4c50a85ac454commit | diff
pmap: Prevent buffer overflow in sscanf().

vmflags[] is a 27*(2+1)=81 char array, but there are 30 flags now (not
27), and even with 27 flags this was an off-by-one overflow (the kernel
always outputs a flag with "%c%c ", so the last +1 is for a space, not
for the terminating null byte). Protect vmflags[] with a maximum field
width, as in the surrounding sscanf() calls.
pmap.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.