]> granicus.if.org Git - procps-ng/commit
0077-proc/readproc.c: Harden fill_cgroup_cvt().
authorQualys Security Advisory <qsa@qualys.com>
Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committerCraig Small <csmall@enc.com.au>
Sat, 9 Jun 2018 11:35:19 +0000 (21:35 +1000)
commited463c7d88429bef650e361eb833bd6fc1505e72
tree5929ed287fac2783e7fa390a96e18eeb6c7ed031
parent1052091107395daa3d2592aeac44ed742ef1a22f
0077-proc/readproc.c: Harden fill_cgroup_cvt().

Check the return value of snprintf(), otherwise dst may point
out-of-bounds when it reaches the end of the dst_buffer (the snprintf()
always returns 1 in that case, even if there is not enough space left),
and vMAX becomes negative and is passed to snprintf() as a size_t.

---------------------------- adapted for newlib branch
. adapted via 'patch (without rejections)

Signed-off-by: Jim Warner <james.warner@comcast.net>
proc/readproc.c