[PATCH] trace-cmd: prevent print_graph_duration buffer overflow
From: Chase Douglas
Date: Sun Jun 13 2010 - 13:11:59 EST
Passing n > sizeof(string) to snprintf can cause a glibc buffer overflow
condition. We know the exact size of nsecs_str, so use it instead of
math that may overflow.
Signed-off-by: Chase Douglas <chase.douglas@xxxxxxxxxxxxx>
---
trace-ftrace.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/trace-ftrace.c b/trace-ftrace.c
index af9ac8d..ee7c6dc 100644
--- a/trace-ftrace.c
+++ b/trace-ftrace.c
@@ -148,7 +148,7 @@ static void print_graph_duration(struct trace_seq *s, unsigned long long duratio
/* Print nsecs (we don't want to exceed 7 numbers) */
if ((s->len - len) < 7) {
- snprintf(nsecs_str, 8 - (s->len - len), "%03lu", nsecs_rem);
+ snprintf(nsecs_str, sizeof(nsecs_str), "%03lu", nsecs_rem);
trace_seq_printf(s, ".%s", nsecs_str);
}
--
1.7.0.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/