vmstat: Prevent out-of-bounds writes in new_header() and diskheader().

This does not happen with the default string (" -----timestamp-----"),
but this string is translated (to unknown lengths).
This commit is contained in:
Qualys Security Advisory 1970-01-01 00:00:00 +00:00 committed by Craig Small
parent 0b55f0dc80
commit 0bfe708c4b

View File

@ -256,7 +256,10 @@ static void new_header(void)
(void) time( &the_time ); (void) time( &the_time );
tm_ptr = localtime( &the_time ); tm_ptr = localtime( &the_time );
if (tm_ptr && strftime(timebuf, sizeof(timebuf), "%Z", tm_ptr)) { if (tm_ptr && strftime(timebuf, sizeof(timebuf), "%Z", tm_ptr)) {
timebuf[strlen(timestamp_header) - 1] = '\0'; const size_t len = strlen(timestamp_header);
if (len >= 1 && len - 1 < sizeof(timebuf)) {
timebuf[len - 1] = '\0';
}
} else { } else {
timebuf[0] = '\0'; timebuf[0] = '\0';
} }
@ -566,7 +569,10 @@ static void diskheader(void)
(void) time( &the_time ); (void) time( &the_time );
tm_ptr = localtime( &the_time ); tm_ptr = localtime( &the_time );
if (tm_ptr && strftime(timebuf, sizeof(timebuf), "%Z", tm_ptr)) { if (tm_ptr && strftime(timebuf, sizeof(timebuf), "%Z", tm_ptr)) {
timebuf[strlen(timestamp_header) - 1] = '\0'; const size_t len = strlen(timestamp_header);
if (len >= 1 && len - 1 < sizeof(timebuf)) {
timebuf[len - 1] = '\0';
}
} else { } else {
timebuf[0] = '\0'; timebuf[0] = '\0';
} }