|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen master] tools:misc:xenlockprof: fix possible format string overflow
commit f49fa658b53580cf2ad354d2bf1796766cc11222
Author: Seraphime Kirkovski <kirkseraph@xxxxxxxxx>
AuthorDate: Tue Apr 4 19:31:59 2017 +0200
Commit: Wei Liu <wei.liu2@xxxxxxxxxx>
CommitDate: Wed Apr 5 16:12:34 2017 +0100
tools:misc:xenlockprof: fix possible format string overflow
GCC7 complains about a possible overflow/truncation in xenlockprof.
xenlockprof.c: In function â??mainâ??:
xenlockprof.c:100:53: error: â??%sâ?? directive writing up to 39 bytes into
a
region of size between 17 and 37
[-Werror=format-overflow=]
sprintf(name, "unknown type(%d) %d lock %s", data[j].type,
^~
xenlockprof.c:100:13: note: â??sprintfâ?? output between 24 and 83 bytes
into a destination of size 60
sprintf(name, "unknown type(%d) %d lock %s", data[j].type,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
data[j].idx, data[j].name);
~~~~~~~~~~~~~~~~~~~~~~~~~~
This increases the size of name to 100. Not the most scalable solution,
but certainly the "cheapest", as it doesn't add dependencies for
asprintf.
Signed-off-by: Seraphime Kirkovski <kirkseraph@xxxxxxxxx>
Acked-by: Wei Liu <wei.liu2@xxxxxxxxxx>
---
tools/misc/xenlockprof.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/misc/xenlockprof.c b/tools/misc/xenlockprof.c
index 41fcb79..df23c82 100644
--- a/tools/misc/xenlockprof.c
+++ b/tools/misc/xenlockprof.c
@@ -24,7 +24,7 @@ int main(int argc, char *argv[])
uint32_t i, j, n;
uint64_t time;
double l, b, sl, sb;
- char name[60];
+ char name[100];
DECLARE_HYPERCALL_BUFFER(xc_lockprof_data_t, data);
if ( (argc > 2) || ((argc == 2) && (strcmp(argv[1], "-r") != 0)) )
--
generated by git-patchbot for /home/xen/git/xen.git#master
_______________________________________________ Xen-changelog mailing list Xen-changelog@xxxxxxxxxxxxx https://lists.xenproject.org/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |