Patchwork acpi: powerbutton: ensure we don't get scanf buffer overflow

login
register
mail settings
Submitter Colin King
Date Jan. 9, 2014, 3:24 p.m.
Message ID <1389281050-24674-1-git-send-email-colin.king@canonical.com>
Download mbox | patch
Permalink /patch/308859/
State Accepted
Headers show

Comments

Colin King - Jan. 9, 2014, 3:24 p.m.
From: Colin Ian King <colin.king@canonical.com>

Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
 src/acpi/powerbutton/powerbutton.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Ivan Hu - Jan. 13, 2014, 3:22 a.m.
On 01/09/2014 11:24 PM, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
>   src/acpi/powerbutton/powerbutton.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/acpi/powerbutton/powerbutton.c b/src/acpi/powerbutton/powerbutton.c
> index b67cbcd..5bf14a7 100644
> --- a/src/acpi/powerbutton/powerbutton.c
> +++ b/src/acpi/powerbutton/powerbutton.c
> @@ -62,7 +62,7 @@ static int power_button_test1(fwts_framework *fw)
>   	else  {
>   		char button[4096];
>   		memset(button, 0, sizeof(button));
> -		sscanf(buffer, "%*s %s", button);
> +		sscanf(buffer, "%*s %4095s", button);
>
>   		fwts_passed(fw, "Detected %s power button event.", button);
>   	}
>

Acked-by: Ivan Hu <ivan.hu@canonical.com>
Alex Hung - Jan. 14, 2014, 2:11 a.m.
On 01/09/2014 11:24 PM, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
> 
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
>  src/acpi/powerbutton/powerbutton.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/acpi/powerbutton/powerbutton.c b/src/acpi/powerbutton/powerbutton.c
> index b67cbcd..5bf14a7 100644
> --- a/src/acpi/powerbutton/powerbutton.c
> +++ b/src/acpi/powerbutton/powerbutton.c
> @@ -62,7 +62,7 @@ static int power_button_test1(fwts_framework *fw)
>  	else  {
>  		char button[4096];
>  		memset(button, 0, sizeof(button));
> -		sscanf(buffer, "%*s %s", button);
> +		sscanf(buffer, "%*s %4095s", button);
>  
>  		fwts_passed(fw, "Detected %s power button event.", button);
>  	}
> 

Acked-by: Alex Hung <alex.hung@canonical.com>

Patch

diff --git a/src/acpi/powerbutton/powerbutton.c b/src/acpi/powerbutton/powerbutton.c
index b67cbcd..5bf14a7 100644
--- a/src/acpi/powerbutton/powerbutton.c
+++ b/src/acpi/powerbutton/powerbutton.c
@@ -62,7 +62,7 @@  static int power_button_test1(fwts_framework *fw)
 	else  {
 		char button[4096];
 		memset(button, 0, sizeof(button));
-		sscanf(buffer, "%*s %s", button);
+		sscanf(buffer, "%*s %4095s", button);
 
 		fwts_passed(fw, "Detected %s power button event.", button);
 	}