diff options
author | Ingo Bürk <admin@airblader.de> | 2020-03-30 08:36:53 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-03-30 08:36:53 +0200 |
commit | fb8dc7cce74ca42fb900a76224417927a1175893 (patch) | |
tree | 418e4277200f927896abefbb3319e2cc7224f46e | |
parent | 22c0d3aee6c872638c980ae6fafc84a1941df089 (diff) | |
parent | 585d0700c7dbbc3cf032ad2e710d48eda85dd7ce (diff) |
Merge pull request #394 from smaeul/patch/cpu-usage
avoid out-of-bounds read after invalid %cpu conversion
-rw-r--r-- | src/print_cpu_usage.c | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/src/print_cpu_usage.c b/src/print_cpu_usage.c index 979e082..abf3481 100644 --- a/src/print_cpu_usage.c +++ b/src/print_cpu_usage.c @@ -183,7 +183,8 @@ void print_cpu_usage(yajl_gen json_gen, char *buffer, const char *format, const #if defined(__linux__) else if (BEGINS_WITH(walk + 1, "cpu")) { int number = -1; - sscanf(walk + 1, "cpu%d", &number); + int length = strlen("cpu"); + sscanf(walk + 1, "cpu%d%n", &number, &length); if (number == -1) { fprintf(stderr, "i3status: provided CPU number cannot be parsed\n"); } else if (number >= cpu_count) { @@ -194,13 +195,7 @@ void print_cpu_usage(yajl_gen json_gen, char *buffer, const char *format, const int cpu_diff_usage = (cpu_diff_total ? (1000 * (cpu_diff_total - cpu_diff_idle) / cpu_diff_total + 5) / 10 : 0); outwalk += sprintf(outwalk, "%02d%s", cpu_diff_usage, pct_mark); } - int padding = 1; - int step = 10; - while (step <= number) { - step *= 10; - padding++; - } - walk += strlen("cpu") + padding; + walk += length; } #endif else { |