Merge "fix possible buffer overrun in librank"

author: Colin Cross <ccross@google.com> 2015-04-24 21:58:46 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> 2015-04-24 21:58:46 +0000
commit: 7117efced82fcb4d3658161d765bfc964ab930f4 (patch)
tree: 61db93336fd9a709d631284221007d667586ac6c
parent: ffc011b651535c46225630f5b73a798d86c1f52e (diff)
parent: b03afb421def033e12ad1de4e0cb146e239fa301 (diff)
download: extras-7117efced82fcb4d3658161d765bfc964ab930f4.tar.gz
1 files changed, 11 insertions, 4 deletions
diff --git a/librank/librank.c b/librank/librank.c
index 2e3c3fc5..28322b9a 100644
--- a/librank/librank.c
+++ b/librank/librank.c
@@ -443,13 +443,20 @@ static void usage(char *myname) {
 }
 
 static int getprocname(pid_t pid, char *buf, size_t len) {
-    char filename[20];
+    char filename[32];
     FILE *f;
 
-    sprintf(filename, "/proc/%d/cmdline", pid);
+    snprintf(filename, sizeof(filename), "/proc/%d/cmdline", pid);
     f = fopen(filename, "r");
-    if (!f) { *buf = '\0'; return 1; }
-    if (!fgets(buf, len, f)) { *buf = '\0'; return 2; }
+    if (!f) {
+        *buf = '\0';
+        return 1;
+    }
+    if (!fgets(buf, len, f)) {
+        *buf = '\0';
+        fclose(f);
+        return 2;
+    }
     fclose(f);
     return 0;
 }
author	Colin Cross <ccross@google.com>	2015-04-24 21:58:46 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	2015-04-24 21:58:46 +0000
commit	7117efced82fcb4d3658161d765bfc964ab930f4 (patch)
tree	61db93336fd9a709d631284221007d667586ac6c
parent	ffc011b651535c46225630f5b73a798d86c1f52e (diff)
parent	b03afb421def033e12ad1de4e0cb146e239fa301 (diff)
download	extras-7117efced82fcb4d3658161d765bfc964ab930f4.tar.gz