|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
From 9bcf7507fab6e6b022ae3cc7178237e6e0a09e9a Mon Sep 17 00:00:00 2001
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
From: Thomas Hindoe Paaboel Andersen <phomes@gmail.com>
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
Date: Fri, 26 Sep 2014 21:41:02 +0200
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
Subject: [PATCH] bootchart: parse userinput with safe_atoi
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
Found by coverity. Fixes: CID#996409
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
---
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
src/bootchart/store.c | 6 ++++--
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
1 file changed, 4 insertions(+), 2 deletions(-)
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
diff --git a/src/bootchart/store.c b/src/bootchart/store.c
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
index ed683e88d9..3099ff1208 100644
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
--- a/src/bootchart/store.c
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+++ b/src/bootchart/store.c
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
@@ -192,12 +192,14 @@ vmstat_next:
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
m = buf;
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
while (m) {
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ int r;
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
if (sscanf(m, "%s %*s %*s %*s %*s %*s %*s %s %s", key, rt, wt) < 3)
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
goto schedstat_next;
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
if (strstr(key, "cpu")) {
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
- c = atoi((const char*)(key+3));
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
- if (c > MAXCPUS)
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ r = safe_atoi((const char*)(key+3), &c);
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
+ if (r < 0 || c > MAXCPUS)
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
/* Oops, we only have room for MAXCPUS data */
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
break;
|
|
Zbigniew Jędrzejewski-Szmek |
62fe94 |
sampledata->runtime[c] = atoll(rt);
|