]> granicus.if.org Git - procps-ng/commitdiff
projects / procps-ng / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4ce81d4)
vmstat: Replace memcmp() with strncmp().
authorQualys Security Advisory <qsa@qualys.com>
Thu, 1 Jan 1970 00:00:00 +0000 (00:00 +0000)
committerCraig Small <csmall@enc.com.au>
Wed, 13 Jun 2018 12:06:14 +0000 (22:06 +1000)
Otherwise this may read out-of-bounds (there is no guarantee that 5
bytes are actually available at partition/optarg).

vmstat.c patch | blob | history

diff --git a/vmstat.c b/vmstat.c
index 6eca2c452cf6cc6a94aa4af70a4cee36a3a73c2c..c5f6d62c22245fb302887bc3ef5718022f147fc9 100644 (file)
--- a/vmstat.c
+++ b/vmstat.c
@@ -909,7 +909,7 @@ int main(int argc, char *argv[])
                case 'p':
                        statMode |= PARTITIONSTAT;
                        partition = optarg;
-                       if (memcmp(partition, "/dev/", 5) == 0)
+                       if (strncmp(partition, "/dev/", 5) == 0)
                                partition += 5;
                        break;
                case 'S':
Unnamed repository; edit this file 'description' to name the repository.