Prev: [PATCH] trace-cmd: append to CFLAGS instead of being overriden
Next: uninterruptible CLONE_VFORK (Was: oom: Make coredump interruptible)
From: Chase Douglas on 13 Jun 2010 13:20 Passing n > sizeof(string) to snprintf can cause a glibc buffer overflow condition. We know the exact size of nsecs_str, so use it instead of math that may overflow. Signed-off-by: Chase Douglas <chase.douglas(a)canonical.com> --- trace-ftrace.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/trace-ftrace.c b/trace-ftrace.c index af9ac8d..ee7c6dc 100644 --- a/trace-ftrace.c +++ b/trace-ftrace.c @@ -148,7 +148,7 @@ static void print_graph_duration(struct trace_seq *s, unsigned long long duratio /* Print nsecs (we don't want to exceed 7 numbers) */ if ((s->len - len) < 7) { - snprintf(nsecs_str, 8 - (s->len - len), "%03lu", nsecs_rem); + snprintf(nsecs_str, sizeof(nsecs_str), "%03lu", nsecs_rem); trace_seq_printf(s, ".%s", nsecs_str); } -- 1.7.0.4 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ |