Fix off-by-one errors in *scanf format strings.
In the first hunk, the format string was off-by-one for cmd, and cmd itself was larger than the maximum size required. cmd was reduced in size and the format string adjusted. In the second hunk, the format string was off-by-one for local_address, remote_address and extra, although the buffers for the two addresses were large enough for this not to matter. The specifiers for the two addresses was corrected, and a number of unused variables including extra were suppressed from parsing. In the third hunk, the format string was off-by-one for name, dependencies and status. This code was rewritten using strtok since dependencies can be arbitrarily long. gdb/ 2013-10-23 Gary Benson <gbenson@redhat.com> PR 16013 * common/linux-osdata.c (command_from_pid): Reduced size of cmd from 32 to 18. Adjusted fscanf format string accordingly. (Avoids leaving cmd unterminated.) (print_sockets): Do not parse tlen, inode, sl, timeout, txq, rxq, trun, retn or extra. (Avoids leaving extra unterminated.) Check that local_address and remote_address will not overflow. (linux_xfer_osdata_modules): Parse lines using strtok to avoid leaving dependencies unterminated. Parse size as "%u" to match definition.
This commit is contained in:
Gary Benson
Tom Tromey
parent
6d3e7a943f
commit
f60db4f07f
2 changed files with 54 additions and 25 deletions
|
|
@ -1,3 +1,16 @@
|
|||
2013-10-23 Gary Benson <gbenson@redhat.com>
|
||||
|
||||
PR 16013
|
||||
* common/linux-osdata.c (command_from_pid): Reduced size of cmd
|
||||
from 32 to 18. Adjusted fscanf format string accordingly.
|
||||
(Avoids leaving cmd unterminated.)
|
||||
(print_sockets): Do not parse tlen, inode, sl, timeout, txq, rxq,
|
||||
trun, retn or extra. (Avoids leaving extra unterminated.) Check
|
||||
that local_address and remote_address will not overflow.
|
||||
(linux_xfer_osdata_modules): Parse lines using strtok to avoid
|
||||
leaving dependencies unterminated. Parse size as "%u" to match
|
||||
definition.
|
||||
|
||||
2013-10-22 Pedro Alves <palves@redhat.com>
|
||||
|
||||
* infrun.c (handle_inferior_event) <thread hop>: Don't clear or
|
||||
|
|
|
|||
|
|
@ -135,9 +135,9 @@ command_from_pid (char *command, int maxlen, PID_T pid)
|
|||
/* sizeof (cmd) should be greater or equal to TASK_COMM_LEN (in
|
||||
include/linux/sched.h in the Linux kernel sources) plus two
|
||||
(for the brackets). */
|
||||
char cmd[32];
|
||||
char cmd[18];
|
||||
PID_T stat_pid;
|
||||
int items_read = fscanf (fp, "%lld %32s", &stat_pid, cmd);
|
||||
int items_read = fscanf (fp, "%lld %17s", &stat_pid, cmd);
|
||||
|
||||
if (items_read == 2 && pid == stat_pid)
|
||||
{
|
||||
|
|
@ -871,29 +871,22 @@ print_sockets (unsigned short family, int tcp, struct buffer *buffer)
|
|||
if (fgets (buf, sizeof (buf), fp))
|
||||
{
|
||||
uid_t uid;
|
||||
unsigned long tlen, inode;
|
||||
int sl, timeout;
|
||||
unsigned int local_port, remote_port, state;
|
||||
unsigned int txq, rxq, trun, retn;
|
||||
char local_address[NI_MAXHOST], remote_address[NI_MAXHOST];
|
||||
char extra[512];
|
||||
int result;
|
||||
|
||||
#if NI_MAXHOST <= 32
|
||||
#error "local_address and remote_address buffers too small"
|
||||
#endif
|
||||
|
||||
result = sscanf (buf,
|
||||
"%d: %33[0-9A-F]:%X %33[0-9A-F]:%X %X %X:%X %X:%lX %X %d %d %lu %512s\n",
|
||||
&sl,
|
||||
"%*d: %32[0-9A-F]:%X %32[0-9A-F]:%X %X %*X:%*X %*X:%*X %*X %d %*d %*u %*s\n",
|
||||
local_address, &local_port,
|
||||
remote_address, &remote_port,
|
||||
&state,
|
||||
&txq, &rxq,
|
||||
&trun, &tlen,
|
||||
&retn,
|
||||
&uid,
|
||||
&timeout,
|
||||
&inode,
|
||||
extra);
|
||||
&uid);
|
||||
|
||||
if (result == 15)
|
||||
if (result == 6)
|
||||
{
|
||||
union socket_addr locaddr, remaddr;
|
||||
size_t addr_size;
|
||||
|
|
@ -1464,19 +1457,42 @@ linux_xfer_osdata_modules (gdb_byte *readbuf,
|
|||
{
|
||||
if (fgets (buf, sizeof (buf), fp))
|
||||
{
|
||||
char name[64], dependencies[256], status[16];
|
||||
char *name, *dependencies, *status, *tmp;
|
||||
unsigned int size;
|
||||
unsigned long long address;
|
||||
int uses;
|
||||
int items_read;
|
||||
|
||||
items_read = sscanf (buf,
|
||||
"%64s %d %d %256s %16s 0x%llx",
|
||||
name, &size, &uses,
|
||||
dependencies, status, &address);
|
||||
|
||||
if (items_read == 6)
|
||||
buffer_xml_printf (
|
||||
name = strtok (buf, " ");
|
||||
if (name == NULL)
|
||||
continue;
|
||||
|
||||
tmp = strtok (NULL, " ");
|
||||
if (tmp == NULL)
|
||||
continue;
|
||||
if (sscanf (tmp, "%u", &size) != 1)
|
||||
continue;
|
||||
|
||||
tmp = strtok (NULL, " ");
|
||||
if (tmp == NULL)
|
||||
continue;
|
||||
if (sscanf (tmp, "%d", &uses) != 1)
|
||||
continue;
|
||||
|
||||
dependencies = strtok (NULL, " ");
|
||||
if (dependencies == NULL)
|
||||
continue;
|
||||
|
||||
status = strtok (NULL, " ");
|
||||
if (status == NULL)
|
||||
continue;
|
||||
|
||||
tmp = strtok (NULL, "\n");
|
||||
if (tmp == NULL)
|
||||
continue;
|
||||
if (sscanf (tmp, "%llx", &address) != 1)
|
||||
continue;
|
||||
|
||||
buffer_xml_printf (
|
||||
&buffer,
|
||||
"<item>"
|
||||
"<column name=\"name\">%s</column>"
|
||||
|
|
|
|||
Loading…
Reference in a new issue