]> granicus.if.org Git - procps-ng/commitdiff
projects / procps-ng / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8c84870)
pmap: Check sscanf() in discover_shm_minor().
authorQualys Security Advisory <qsa@qualys.com>
Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committerCraig Small <csmall@enc.com.au>
Fri, 18 May 2018 21:32:22 +0000 (07:32 +1000)
Need at least 6 items ("inode" is unused).

pmap.c patch | blob | history

diff --git a/pmap.c b/pmap.c
index 075037fcfc1615952d69d0e6481bc6e838629ebb..9bc9c4c027416c55ac66b67841f6d0e62a22596d 100644 (file)
--- a/pmap.c
+++ b/pmap.c
@@ -174,9 +174,9 @@ static void discover_shm_minor(void)
                unsigned KLONG start, end;
                unsigned long long file_offset, inode;
                unsigned dev_major, dev_minor;
-               sscanf(mapbuf_b, "%" KLF "x-%" KLF "x %31s %llx %x:%x %llu", &start,
-                      &end, perms, &file_offset, &dev_major, &dev_minor,
-                      &inode);
+               if (sscanf(mapbuf_b, "%" KLF "x-%" KLF "x %31s %llx %x:%x %llu", &start,
+                       &end, perms, &file_offset, &dev_major, &dev_minor, &inode) < 6)
+                       continue;
                tmp = strchr(mapbuf_b, '\n');
                if (tmp)
                        *tmp = '\0';
Unnamed repository; edit this file 'description' to name the repository.