Fix potential stack overflow [BZ #23490]

Message ID CALoOobNGOWqcOuirHR5k3r5rWtGGCSwP8pQvNWUB1J+5cx-hwg@mail.gmail.com
State New
Headers show
Series
  • Fix potential stack overflow [BZ #23490]
Related show

Commit Message

Paul Pluzhnikov Dec. 8, 2018, 6:57 p.m.
Ok for trunk?

Thanks,
-- 
Paul Pluzhnikov
From b93f4052fc171f456c8f594d4ae4aeb02ec5b3b6 Mon Sep 17 00:00:00 2001
From: Paul Pluzhnikov <ppluzhnikov@google.com>
Date: Sat, 8 Dec 2018 10:46:59 -0800
Subject: [PATCH] Fix potential stack overflow [BZ #23490]

Since we are expecting the exact "IBT" string, adjust stack buffer size
and scanf format accordingly.
---
 ChangeLog                                        | 6 ++++++
 sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c | 4 ++--
 2 files changed, 8 insertions(+), 2 deletions(-)

Comments

H.J. Lu Dec. 8, 2018, 10:16 p.m. | #1
On Sat, Dec 8, 2018 at 10:57 AM Paul Pluzhnikov <ppluzhnikov@google.com> wrote:
>

> Ok for trunk?

>

> Thanks,


LGTM.

Thanks.


-- 
H.J.

Patch

diff --git a/ChangeLog b/ChangeLog
index 7c4b061ec5..03cbe04ddb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@ 
+2018-12-08  Paul Pluzhnikov  <ppluzhnikov@google.com>
+
+	[BZ #23490]
+	* sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c
+	(do_test): Adjust buffer size and fix format.
+
 2018-12-07  DJ Delorie  <dj@redhat.com>
 
 	[BZ #23907]
diff --git a/sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c b/sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c
index 0531074ceb..259ef44eb8 100644
--- a/sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c
+++ b/sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c
@@ -44,9 +44,9 @@  sig_handler (int signo)
 static int
 do_test (void)
 {
-  char buf[20];
+  char buf[4];
 
-  if (scanf ("%20s", buf) != 1)
+  if (scanf ("%3s", buf) != 1)
     FAIL_UNSUPPORTED ("IBT not supported");
 
   if (strcmp (buf, "IBT") != 0)