[libvirt PATCH 4/8] util: virhostmem: do not use scanf without field limits
Ján Tomko
jtomko at redhat.com
Sun Aug 2 22:11:27 UTC 2020
We use an array of size VIR_NODE_MEMORY_STATS_FIELD_LENGTH
to store the string read from sysfs, but pass unbound "%s"
to sscanf.
Make the array larger by one and simply stringify that
constant as the field width specifier.
Signed-off-by: Ján Tomko <jtomko at redhat.com>
---
src/util/virhostmem.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/util/virhostmem.c b/src/util/virhostmem.c
index 9097716f54..2f60e2a250 100644
--- a/src/util/virhostmem.c
+++ b/src/util/virhostmem.c
@@ -148,7 +148,7 @@ virHostMemGetStatsLinux(FILE *meminfo,
int found = 0;
int nr_param;
char line[1024];
- char meminfo_hdr[VIR_NODE_MEMORY_STATS_FIELD_LENGTH];
+ char meminfo_hdr[VIR_NODE_MEMORY_STATS_FIELD_LENGTH + 1];
unsigned long val;
struct field_conv {
const char *meminfo_hdr; /* meminfo header */
@@ -207,8 +207,10 @@ virHostMemGetStatsLinux(FILE *meminfo,
buf = p;
}
- if (sscanf(buf, "%s %lu kB", meminfo_hdr, &val) < 2)
+# define MEM_MAX_LEN G_STRINGIFY(VIR_NODE_MEMORY_STATS_FIELD_LENGTH)
+ if (sscanf(buf, "%" MEM_MAX_LEN "s %lu kB", meminfo_hdr, &val) < 2)
continue;
+# undef MEM_MAX_LEN
for (j = 0; field_conv[j].meminfo_hdr != NULL; j++) {
struct field_conv *convp = &field_conv[j];
--
2.26.2
More information about the libvir-list
mailing list