fix possible buffer overrun in librank

Use snprintf instead of sprintf and fclose() before return. Change-Id: I2c367b2e7b943f4ed10551c18ecc971e6b830c66 Signed-off-by: Daegeun Song <daegeun.song@lge.com>
author: daegeun.song <daegeun.song@lge.com> 2015-04-22 11:31:29 +0900
committer: daegeun.song <daegeun.song@lge.com> 2015-04-23 08:05:14 +0900
commit: b03afb421def033e12ad1de4e0cb146e239fa301 (patch)
tree: 296daf2925bf738bfd81d6ba4e47ad65c6143a17
parent: 9a6b9137db9cd00e1189322a5db5581cd67e2867 (diff)
download: extras-b03afb421def033e12ad1de4e0cb146e239fa301.tar.gz
1 files changed, 11 insertions, 4 deletions
diff --git a/librank/librank.c b/librank/librank.c
index 2e3c3fc5..28322b9a 100644
--- a/librank/librank.c
+++ b/librank/librank.c
@@ -443,13 +443,20 @@ static void usage(char *myname) {
 }
 
 static int getprocname(pid_t pid, char *buf, size_t len) {
-    char filename[20];
+    char filename[32];
     FILE *f;
 
-    sprintf(filename, "/proc/%d/cmdline", pid);
+    snprintf(filename, sizeof(filename), "/proc/%d/cmdline", pid);
     f = fopen(filename, "r");
-    if (!f) { *buf = '\0'; return 1; }
-    if (!fgets(buf, len, f)) { *buf = '\0'; return 2; }
+    if (!f) {
+        *buf = '\0';
+        return 1;
+    }
+    if (!fgets(buf, len, f)) {
+        *buf = '\0';
+        fclose(f);
+        return 2;
+    }
     fclose(f);
     return 0;
 }
author	daegeun.song <daegeun.song@lge.com>	2015-04-22 11:31:29 +0900
committer	daegeun.song <daegeun.song@lge.com>	2015-04-23 08:05:14 +0900
commit	b03afb421def033e12ad1de4e0cb146e239fa301 (patch)
tree	296daf2925bf738bfd81d6ba4e47ad65c6143a17
parent	9a6b9137db9cd00e1189322a5db5581cd67e2867 (diff)
download	extras-b03afb421def033e12ad1de4e0cb146e239fa301.tar.gz