Overview

File pcp-2.5.0-buffer-overflow.diff of Package pcp

--- src/pmdas/linux/proc_pid.c
+++ src/pmdas/linux/proc_pid.c	2008/10/07 14:37:46
@@ -153,7 +153,7 @@
 	    sprintf(buf, "/proc/%d/cmdline", pidlist[i]);
 	    if ((fd = open(buf, O_RDONLY)) >= 0) {
 		sprintf(buf, "%06d ", pidlist[i]);
-		if ((k = read(fd, buf+7, sizeof(buf))) > 0) {
+		if ((k = read(fd, buf+7, sizeof(buf)-7)) > 0) {
 			/* Remove NULL terminators from cmdline string array */
 			/* Added by Mike Mason <mmlnx@us.ibm.com> */
 			for (n = 7; n < k + 6; n++) {
openSUSE Build Service is sponsored by
Places