[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] tools: libxenstat: fix format string overflow



On Fri, Feb 16, 2018 at 06:55:08PM +0100, Dario Faggioli wrote:
> On Fri, 2018-02-16 at 17:44 +0000, Wei Liu wrote:
> > On Fri, Feb 16, 2018 at 06:36:51PM +0100, Dario Faggioli wrote:
> > > 
> > > --- a/tools/xenstat/libxenstat/src/xenstat_linux.c
> > > +++ b/tools/xenstat/libxenstat/src/xenstat_linux.c
> > > @@ -69,18 +69,20 @@ void getBridge(char *excludeName, char *result,
> > > size_t resultLen)
> > >   struct dirent *de;
> > >   DIR *d;
> > >  
> > > - char tmp[256] = { 0 };
> > > -
> > >   d = opendir("/sys/class/net");
> > >   while ((de = readdir(d)) != NULL) {
> > >           if ((strlen(de->d_name) > 0) && (de->d_name[0] !=
> > > '.')
> > >                   && (strstr(de->d_name, excludeName) ==
> > > NULL)) {
> > > -                         sprintf(tmp,
> > > "/sys/class/net/%s/bridge", de->d_name);
> > > +                         char *tmp;
> > > +
> > > +                         asprintf(&tmp,
> > > "/sys/class/net/%s/bridge", de->d_name);
> > 
> > Need to check the return value of asprintf.
> > 
> Right! And what do I do if it fails, 'continue' the while(), I guess?
> 

Looking at the error message again, can you just increase the buffer
size to 512? That should do the job?

Wei.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.