Pushed, thanks! Marek
On Wed, Feb 28, 2018 at 8:50 AM, Gert Wollny <gw.foss...@gmail.com> wrote: > Limit the length of acceptable cpu names for use in hud_get_num_cpufreq > in order to avoid a buffer overflow later in add_object when this name > is copied into cpufreq_info::name. > > Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=105274 > Signed-off-by: Gert Wollny <gw.foss...@gmail.com> > --- > Submitter has no git write access. > src/gallium/auxiliary/hud/hud_cpufreq.c | 10 +++++++--- > 1 file changed, 7 insertions(+), 3 deletions(-) > > diff --git a/src/gallium/auxiliary/hud/hud_cpufreq.c > b/src/gallium/auxiliary/hud/hud_cpufreq.c > index 78a660795c..04f69231eb 100644 > --- a/src/gallium/auxiliary/hud/hud_cpufreq.c > +++ b/src/gallium/auxiliary/hud/hud_cpufreq.c > @@ -207,8 +207,12 @@ hud_get_num_cpufreq(bool displayhelp) > > while ((dp = readdir(dir)) != NULL) { > > - /* Avoid 'lo' and '..' and '.' */ > - if (strlen(dp->d_name) <= 2) > + size_t d_name_len = strlen(dp->d_name); > + > + /* Avoid 'lo' and '..' and '.', and avoid overlong names that > + * would result in a buffer overflow in add_object. > + */ > + if (d_name_len <= 2 || d_name_len > 15) > continue; > > if (sscanf(dp->d_name, "cpu%d\n", &cpu_index) != 1) > -- > 2.16.1 > > _______________________________________________ > mesa-dev mailing list > mesa-dev@lists.freedesktop.org > https://lists.freedesktop.org/mailman/listinfo/mesa-dev _______________________________________________ mesa-dev mailing list mesa-dev@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/mesa-dev
