ACK: [PATCH 1/2] lib: fwts_alloc: add field width limit for sscanf
Alex Hung
alex.hung at canonical.com
Wed Sep 17 01:50:42 UTC 2014
On 14-09-15 06:45 AM, Colin King wrote:
> From: Colin Ian King <colin.king at canonical.com>
>
> Adding a field width limit to avoid buffer overflow
>
> Signed-off-by: Colin Ian King <colin.king at canonical.com>
> ---
> src/lib/src/fwts_alloc.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/lib/src/fwts_alloc.c b/src/lib/src/fwts_alloc.c
> index 2a8fcd9..afebe2a 100644
> --- a/src/lib/src/fwts_alloc.c
> +++ b/src/lib/src/fwts_alloc.c
> @@ -75,7 +75,7 @@ static void *fwts_low_mmap(const size_t requested_size)
> return MAP_FAILED;
>
> while (fgets(buffer, sizeof(buffer), fp) != NULL) {
> - sscanf(buffer, "%p-%p %*s %*x %*s %*u %s",
> + sscanf(buffer, "%p-%p %*s %*x %*s %*u %1023s",
> &addr_start, &addr_end, pathname);
>
> /*
Acked-by: Alex Hung <alex.hung at canonical.com>
More information about the fwts-devel
mailing list