0042-proc/slab.h: Fix off-by-one overflow in sscanf().

In proc/slab.c, functions parse_slabinfo20() and parse_slabinfo11(), sscanf() might overflow curr->name, because "String input conversions store a terminating null byte ('\0') to mark the end of the input; the maximum field width does not include this terminator." Add one byte to name[] for this terminator. ---------------------------- adapted for newlib branch . file is now proc/slabinfo.c (not .h) . manifest constant renamed SLABINFO_NAME_LEN . older parse_slabinfo11() function no longer present Signed-off-by: Jim Warner <james.warner@comcast.net>
1970-01-01 00:00:00 +00:00 · 1970-01-01 00:00:00 +00:00 · d1729bed6b
commit d1729bed6b
parent d3ff255fa5
1 changed files with 1 additions and 1 deletions
--- a/proc/slabinfo.c
+++ b/proc/slabinfo.c
@ -76,7 +76,7 @@ struct slabs_summ {
 };

 struct slabs_node {
-    char name[SLABINFO_NAME_LEN];    // name of this cache
+    char name[SLABINFO_NAME_LEN+1];  // name of this cache
    unsigned long cache_size;        // size of entire cache
    unsigned int  nr_objs;           // number of objects in this cache
    unsigned int  nr_active_objs;    // number of active objects