summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIngo Bürk <admin@airblader.de>2020-03-30 08:36:53 +0200
committerGitHub <noreply@github.com>2020-03-30 08:36:53 +0200
commitfb8dc7cce74ca42fb900a76224417927a1175893 (patch)
tree418e4277200f927896abefbb3319e2cc7224f46e
parent22c0d3aee6c872638c980ae6fafc84a1941df089 (diff)
parent585d0700c7dbbc3cf032ad2e710d48eda85dd7ce (diff)
Merge pull request #394 from smaeul/patch/cpu-usage
avoid out-of-bounds read after invalid %cpu conversion
-rw-r--r--src/print_cpu_usage.c11
1 files changed, 3 insertions, 8 deletions
diff --git a/src/print_cpu_usage.c b/src/print_cpu_usage.c
index 979e082..abf3481 100644
--- a/src/print_cpu_usage.c
+++ b/src/print_cpu_usage.c
@@ -183,7 +183,8 @@ void print_cpu_usage(yajl_gen json_gen, char *buffer, const char *format, const
#if defined(__linux__)
else if (BEGINS_WITH(walk + 1, "cpu")) {
int number = -1;
- sscanf(walk + 1, "cpu%d", &number);
+ int length = strlen("cpu");
+ sscanf(walk + 1, "cpu%d%n", &number, &length);
if (number == -1) {
fprintf(stderr, "i3status: provided CPU number cannot be parsed\n");
} else if (number >= cpu_count) {
@@ -194,13 +195,7 @@ void print_cpu_usage(yajl_gen json_gen, char *buffer, const char *format, const
int cpu_diff_usage = (cpu_diff_total ? (1000 * (cpu_diff_total - cpu_diff_idle) / cpu_diff_total + 5) / 10 : 0);
outwalk += sprintf(outwalk, "%02d%s", cpu_diff_usage, pct_mark);
}
- int padding = 1;
- int step = 10;
- while (step <= number) {
- step *= 10;
- padding++;
- }
- walk += strlen("cpu") + padding;
+ walk += length;
}
#endif
else {