From nobody Fri Dec 19 02:53:53 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) client-ip=205.139.110.120; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-1.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1596406384; cv=none; d=zohomail.com; s=zohoarc; b=j7bC42RFZQoQYDYjF6f9VJuWJlFdSDDPn3YbzsqW/g/u9UH9jxAZJr/1VTIPaBO/ivoeyfrWzcazgPc6iomwQu5odmdn49HwivNSTlX4hB0ch1+9SQIoOGWYz2mwft9Kedx22t1LzZkvY/r1ya8qrGfKMIttlFobkQMHqrki1NU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1596406384; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Fn2HVRnY0zemCc7lxsIv+50ToNyg97rMegUI+9JWbWY=; b=X8uPgaGkVd8UyYnaMwOVUysXp8NRpvsfJhrb5WIZNHYtKfkX/TnLscNVeDp1yH+MrOxNqHXNbzR3o52/qfmbCZ8c/DSWyJBxX7IL6FbcHP7FtaYQ+BJKuMVteQG7LSCYvi9mTH0XMQD3QduJDoedY9oavAIZov28Su6SUuMCWsg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 205.139.110.120 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com [205.139.110.120]) by mx.zohomail.com with SMTPS id 1596406384289116.27623939307853; Sun, 2 Aug 2020 15:13:04 -0700 (PDT) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-148-nf_5Ae7uN1eLDg6HBYLr5A-1; Sun, 02 Aug 2020 18:12:22 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 96D1B800461; Sun, 2 Aug 2020 22:12:17 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 7A24969314; Sun, 2 Aug 2020 22:12:17 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 4AD079A0EF; Sun, 2 Aug 2020 22:12:17 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 072MBi3A010605 for ; Sun, 2 Aug 2020 18:11:44 -0400 Received: by smtp.corp.redhat.com (Postfix) id 920FF177F9; Sun, 2 Aug 2020 22:11:44 +0000 (UTC) Received: from lpt.redhat.com (unknown [10.40.208.7]) by smtp.corp.redhat.com (Postfix) with ESMTP id D7D1D5C5B7 for ; Sun, 2 Aug 2020 22:11:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1596406383; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=Fn2HVRnY0zemCc7lxsIv+50ToNyg97rMegUI+9JWbWY=; b=YSL3GuBS3cDvkNqrPvVHyDBCV3k1D/XSXtYvhW10F2gH+CuXXVfcIre6T1KCqk7fyPQrXF YpgyOuDxh7MTWRK/+5JjWJR14wLbsJ9fQKjnZLj1/JU65iYcreGE+6Vj1e2534CxtayNVn xguA0uqMVCJJK4w81KWWrpgZeXwOm4I= X-MC-Unique: nf_5Ae7uN1eLDg6HBYLr5A-1 From: =?UTF-8?q?J=C3=A1n=20Tomko?= To: libvir-list@redhat.com Subject: [libvirt PATCH 4/8] util: virhostmem: do not use scanf without field limits Date: Mon, 3 Aug 2020 00:11:27 +0200 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) We use an array of size VIR_NODE_MEMORY_STATS_FIELD_LENGTH to store the string read from sysfs, but pass unbound "%s" to sscanf. Make the array larger by one and simply stringify that constant as the field width specifier. Signed-off-by: J=C3=A1n Tomko --- src/util/virhostmem.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/util/virhostmem.c b/src/util/virhostmem.c index 9097716f54..2f60e2a250 100644 --- a/src/util/virhostmem.c +++ b/src/util/virhostmem.c @@ -148,7 +148,7 @@ virHostMemGetStatsLinux(FILE *meminfo, int found =3D 0; int nr_param; char line[1024]; - char meminfo_hdr[VIR_NODE_MEMORY_STATS_FIELD_LENGTH]; + char meminfo_hdr[VIR_NODE_MEMORY_STATS_FIELD_LENGTH + 1]; unsigned long val; struct field_conv { const char *meminfo_hdr; /* meminfo header */ @@ -207,8 +207,10 @@ virHostMemGetStatsLinux(FILE *meminfo, buf =3D p; } =20 - if (sscanf(buf, "%s %lu kB", meminfo_hdr, &val) < 2) +# define MEM_MAX_LEN G_STRINGIFY(VIR_NODE_MEMORY_STATS_FIELD_LENGTH) + if (sscanf(buf, "%" MEM_MAX_LEN "s %lu kB", meminfo_hdr, &val) < 2) continue; +# undef MEM_MAX_LEN =20 for (j =3D 0; field_conv[j].meminfo_hdr !=3D NULL; j++) { struct field_conv *convp =3D &field_conv[j]; --=20 2.26.2