Re: iio_utils.h bug?
From: Jonathan Cameron
Date: Tue Dec 24 2013 - 13:53:55 EST
"Zubair Lutfullah :" <zubair.lutfullah@xxxxxxxxx> wrote:
>Hi,
>
>A guy posted this fix on my blog. I couldn't make sense of it.
>
>Thought I'd post it here. I'll send a proper patch file if
>I knew what commit log I needed to write.
>And I can't exactly sign-off :s.
Yes you can. Patch routed through you, hence your sign is entirely correct. If you have an email address for the author then the from field can be different from the sign-off and you can add a reported-by as well to credit it as fully as possible.
Will be the weekend at least before I actually look at the code!
>
>I asked him to post but he couldn't/wouldn't.
>
>Regards
>ZubairLK
>
>
>"Defend against buffer overflow of ci_array:
>
> code always overwrites one entry beyond end of array, now fixed
>--Craig Markwardt"
>
>iio_utils.h
>
>@@ -335,6 +335,7 @@ inline int build_channel_array(const char
>*device_dir,
> while (ent = readdir(dp), ent != NULL) {
> if (strcmp(ent->d_name + strlen(ent->d_name) - strlen("_en"),
> "_en") == 0) {
>+ int current_enabled = 0;
> current = &(*ci_array)[count++];
> ret = asprintf(&filename,
> "%s/%s", scan_el_dir, ent->d_name);
> if (ret < 0) {
> ret = -ENOMEM;
> /* decrement count to avoid freeing name */
> count--;
> goto error_cleanup_array;
> }
>
> sysfsfp = fopen(filename, "r");
>
> if (sysfsfp == NULL) {
> free(filename);
> ret = -errno;
> goto error_cleanup_array;
> }
>
>- fscanf(sysfsfp, "%u", ¤t->enabled);
>+ fscanf(sysfsfp, "%u", ¤t_enabled);
> fclose(sysfsfp);
>
>- if (!current->enabled) {
>+ if (!current_enabled) {
> free(filename);
> count--;
> continue;
> }
>+ current->enabled = current_enabled;
> current->scale = 1.0;
> current->offset = 0;
> current->name = strndup(ent->d_name,
--
Sent from my Android phone with K-9 Mail. Please excuse my brevity.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/