[PATCH 2/2] lib: fwts_battery: add field width limit for sscanf

Keng-Yu Lin keng-yu.lin at canonical.com
Tue Sep 16 18:02:19 UTC 2014


On Mon, Sep 15, 2014 at 6:45 AM, Colin King <colin.king at canonical.com> wrote:
> From: Colin Ian King <colin.king at canonical.com>
>
> Adding a field width limit to avoid buffer overflow
>
> Signed-off-by: Colin Ian King <colin.king at canonical.com>
> ---
>  src/lib/src/fwts_battery.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/lib/src/fwts_battery.c b/src/lib/src/fwts_battery.c
> index cbba109..8a84998 100644
> --- a/src/lib/src/fwts_battery.c
> +++ b/src/lib/src/fwts_battery.c
> @@ -156,7 +156,7 @@ static int fwts_battery_get_capacity_proc_fs(fwts_framework *fw,
>                                 while (fgets(buffer, sizeof(buffer)-1, fp) != NULL) {
>                                         if (strstr(buffer, field) &&
>                                             strlen(buffer) > 25) {
> -                                               sscanf(buffer+25, "%d %s", &val, units);
> +                                               sscanf(buffer+25, "%d %63s", &val, units);
>                                                 if (strncmp(units, "mAh",3) == 0) {
>                                                         *capacity_mAh += val;
>                                                         (*count)++;
> --
> 2.1.0
>
>

Acked-by: Keng-Yu Lin <kengyu at canonical.com>



More information about the fwts-devel mailing list