author | Colin Cross <ccross@google.com> | 2015-04-24 21:58:46 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2015-04-24 21:58:46 +0000 |
commit | 7117efced82fcb4d3658161d765bfc964ab930f4 (patch) | |
tree | 61db93336fd9a709d631284221007d667586ac6c | |
parent | ffc011b651535c46225630f5b73a798d86c1f52e (diff) | |
parent | b03afb421def033e12ad1de4e0cb146e239fa301 (diff) | |
download | extras-7117efced82fcb4d3658161d765bfc964ab930f4.tar.gz |
Merge "fix possible buffer overrun in librank"
-rw-r--r-- | librank/librank.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/librank/librank.c b/librank/librank.c
index 2e3c3fc5..28322b9a 100644
--- a/librank/librank.c
+++ b/librank/librank.c
@@ -443,13 +443,20 @@ static void usage(char *myname) {
 }
 static int getprocname(pid_t pid, char *buf, size_t len) {
- char filename[20];
+ char filename[32];
 FILE *f;
- sprintf(filename, "/proc/%d/cmdline", pid);
+ snprintf(filename, sizeof(filename), "/proc/%d/cmdline", pid);
 f = fopen(filename, "r");
- if (!f) { *buf = '\0'; return 1; }
- if (!fgets(buf, len, f)) { *buf = '\0'; return 2; }
+ if (!f) {
+ *buf = '\0';
+ return 1;
+ }
+ if (!fgets(buf, len, f)) {
+ *buf = '\0';
+ fclose(f);
+ return 2;
+ }
 fclose(f);
 return 0;
 } |
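Review bot: Both failure paths in getprocname still store through `buf` (`*buf = '\0';`) without looking at `len`, so a caller that passes a zero-length buffer gets a one-byte write past it; the callers are not visible in this hunk, so this may be unreachable today. A guard at the top such as `if (!buf || len == 0) return 3;` would make the contract explicit (the return value here is a constructed example; use one the callers already handle). `len` is also a `size_t` handed to `fgets`, which takes an `int`, so clamping it before the call (`len > INT_MAX ? INT_MAX : (int)len`) avoids a silent narrowing. It would also help to add a comment such as `/* cmdline is NUL-separated and written by the target process: buf ends at argv[0] and is untrusted text */` so later code that prints the name treats it accordingly.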