proc/readproc.c: Harden get_proc_stats().

author Qualys Security Advisory <qsa@qualys.com>

Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)

committer Craig Small <csmall@enc.com.au>

Fri, 18 May 2018 21:32:22 +0000 (07:32 +1000)
author Qualys Security Advisory <qsa@qualys.com>
Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committer Craig Small <csmall@enc.com.au>
Fri, 18 May 2018 21:32:22 +0000 (07:32 +1000)
diff --git a/proc/readproc.c b/proc/readproc.c

index aaa8a29c6d28e4a5783f90425ac1669aa2eab1c5..de69cdad8500efb475fe62b8b9e5db60ec98f750 100644 (file)
--- a/proc/readproc.c
+++ b/proc/readproc.c
@@ -1635,7 +1635,7 @@ proc_t * get_proc_stats(pid_t pid, proc_t *p) {
      static char path[32];
      struct stat statbuf;
  
-    sprintf(path, "/proc/%d", pid);
+    snprintf(path, sizeof path, "/proc/%d", pid);
      if (stat(path, &statbuf)) {
          perror("stat");
          return NULL;
author	Qualys Security Advisory <qsa@qualys.com>
	Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committer	Craig Small <csmall@enc.com.au>
	Fri, 18 May 2018 21:32:22 +0000 (07:32 +1000)