| Message ID | 20220629175134.162666-1-icoolidge@google.com |
|---|---|
| State | New |
| Headers | show |
| Series | rt-tests: rt-utils: Fix potential 'debugfileprefix' overflow | expand |
diff --git a/src/lib/rt-utils.c b/src/lib/rt-utils.c index 6c0235d..bbc0b82 100644 --- a/src/lib/rt-utils.c +++ b/src/lib/rt-utils.c @@ -32,7 +32,7 @@ #define MAX_COMMAND_LINE 4096 #define MAX_TS_SIZE 64 -static char debugfileprefix[MAX_PATH]; +static char debugfileprefix[MAX_PATH + 1]; static char *fileprefix; static int trace_fd = -1; static int tracemark_fd = -1;
fscanf on line 73 amounts to fscanf(fp, "... %256s ...", debugfileprefix) This can result in 256 characters excluding nul. Add 1 to buffer size to accomodate a maximum write + a nul. Signed-off-by: Ian K. Coolidge <icoolidge@google.com> --- src/lib/rt-utils.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)