0091-pmap: Check sscanf() in discover_shm_minor().

author Qualys Security Advisory <qsa@qualys.com>

Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)

committer Craig Small <csmall@enc.com.au>

Sat, 23 Jun 2018 11:59:14 +0000 (21:59 +1000)
author Qualys Security Advisory <qsa@qualys.com>
Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committer Craig Small <csmall@enc.com.au>
Sat, 23 Jun 2018 11:59:14 +0000 (21:59 +1000)
diff --git a/pmap.c b/pmap.c

index 57d8f04ec201e5a8f21d983dcd3a80983be1838f..0868f9121976e2b399374ee0db0c5f8f990d6969 100644 (file)
--- a/pmap.c
+++ b/pmap.c
@@ -178,9 +178,9 @@ static void discover_shm_minor(void)
                 unsigned long start, end;
                 unsigned long long file_offset, inode;
                 unsigned dev_major, dev_minor;
-               sscanf(mapbuf_b, "%lx-%lx %31s %llx %x:%x %llu", &start,
-                      &end, perms, &file_offset, &dev_major, &dev_minor,
-                      &inode);
+               if (sscanf(mapbuf_b, "%lx-%lx %31s %llx %x:%x %llu", &start,
+                      &end, perms, &file_offset, &dev_major, &dev_minor, &inode) < 6)
+            continue;
                 tmp = strchr(mapbuf_b, '\n');
                 if (tmp)
                         *tmp = '\0';
author	Qualys Security Advisory <qsa@qualys.com>
	Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committer	Craig Small <csmall@enc.com.au>
	Sat, 23 Jun 2018 11:59:14 +0000 (21:59 +1000)