From: Chase Douglas on
Passing n > sizeof(string) to snprintf can cause a glibc buffer overflow
condition. We know the exact size of nsecs_str, so use it instead of
math that may overflow.

Signed-off-by: Chase Douglas <chase.douglas(a)canonical.com>
---
trace-ftrace.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/trace-ftrace.c b/trace-ftrace.c
index af9ac8d..ee7c6dc 100644
--- a/trace-ftrace.c
+++ b/trace-ftrace.c
@@ -148,7 +148,7 @@ static void print_graph_duration(struct trace_seq *s, unsigned long long duratio

/* Print nsecs (we don't want to exceed 7 numbers) */
if ((s->len - len) < 7) {
- snprintf(nsecs_str, 8 - (s->len - len), "%03lu", nsecs_rem);
+ snprintf(nsecs_str, sizeof(nsecs_str), "%03lu", nsecs_rem);
trace_seq_printf(s, ".%s", nsecs_str);
}
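
Review bot: on the changed snprintf() line, the old size argument 8 - (s->len - len) was also what truncated the nanosecond digits to fit the width named in the comment above it ("we don't want to exceed 7 numbers"), and sizeof(nsecs_str) drops that truncation, so "%03lu" now always emits at least three digits whatever (s->len - len) is. If the width limit still matters, clamp instead of replacing: compute the remaining width as before and pass the smaller of that and sizeof(nsecs_str). Two smaller points: sizeof(nsecs_str) is only the buffer size if nsecs_str is an array declared in this function rather than a pointer, and the declaration is not in the hunk, so it would help to state the buffer size in the commit message; and since the guard (s->len - len) < 7 keeps the old expression at 8 or less, the message should say which case actually overran the buffer.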

--
1.7.0.4
