From patchwork Thu Oct 13 08:30:21 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Thomas Jarosch X-Patchwork-Id: 119384 X-Patchwork-Delegate: shemminger@vyatta.com Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 54D98B6F7C for ; Thu, 13 Oct 2011 19:30:34 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753818Ab1JMIaZ (ORCPT ); Thu, 13 Oct 2011 04:30:25 -0400 Received: from re04.intra2net.com ([82.165.46.26]:50276 "EHLO re04.intra2net.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753709Ab1JMIaX (ORCPT ); Thu, 13 Oct 2011 04:30:23 -0400 Received: from intranator.m.i2n (unknown [172.16.1.99]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by re04.intra2net.com (Postfix) with ESMTP id E05893010A; Thu, 13 Oct 2011 10:30:22 +0200 (CEST) Received: from localhost (intranator.m.i2n [127.0.0.1]) by localhost (Postfix) with ESMTP id B4A622AC54; Thu, 13 Oct 2011 10:30:22 +0200 (CEST) X-Virus-Scanned: by Intranator (www.intra2net.com) with AMaViS and F-Secure AntiVirus (fsavdb 2011-10-13_02) X-Spam-Status: X-Spam-Level: 0 Received: from storm.localnet (storm.m.i2n [172.16.1.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by intranator.m.i2n (Postfix) with ESMTPS id EA7262AC53; Thu, 13 Oct 2011 10:30:21 +0200 (CEST) Subject: [iproute2 PATCH] Fix unterminated readlink() buffer usage From: Thomas Jarosch Organization: Intra2net AG Date: Thu, 13 Oct 2011 10:30:21 +0200 To: netdev@vger.kernel.org Cc: Stephen Hemminger MIME-Version: 1.0 Message-Id: <201110131030.21723.thomas.jarosch@intra2net.com> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Signed-off-by: Thomas Jarosch --- misc/ss.c | 10 ++++++++-- 1 files changed, 8 insertions(+), 2 deletions(-) diff --git a/misc/ss.c b/misc/ss.c index b00841b..1353620 100644 --- a/misc/ss.c +++ b/misc/ss.c @@ -273,13 +273,19 @@ static void user_ent_hash_build(void) unsigned int ino; char lnk[64]; int fd; + ssize_t link_len; if (sscanf(d1->d_name, "%d%c", &fd, &crap) != 1) continue; sprintf(name+pos, "%d", fd); - if (readlink(name, lnk, sizeof(lnk)-1) < 0 || - strncmp(lnk, pattern, strlen(pattern))) + + link_len = readlink(name, lnk, sizeof(lnk)-1); + if (link_len == -1) + continue; + lnk[link_len] = '\0'; + + if (strncmp(lnk, pattern, strlen(pattern))) continue; sscanf(lnk, "socket:[%u]", &ino);