joy
joy copied to clipboard
Published
20 hours ago •
cisco
cisco
no limitation for "%s" while calling fscanf()
https://github.com/cisco/joy/blob/5dd5b71bc1fe71ff0d0cf1b6263e6f5449cd622d/src/procwatch.c#L546
dummy_string defined here: https://github.com/cisco/joy/blob/5dd5b71bc1fe71ff0d0cf1b6263e6f5449cd622d/src/procwatch.c#L520
macro PID_MAX_LEN defined here: https://github.com/cisco/joy/blob/5dd5b71bc1fe71ff0d0cf1b6263e6f5449cd622d/src/procwatch.c#L513
no limitation for "%s" while calling fscanf() may cause overwrite.
rc = fscanf(ps_file,"%lu %64s\n",&ps_pid,dummy_string);
https://github.com/cisco/joy/blob/5dd5b71bc1fe71ff0d0cf1b6263e6f5449cd622d/src/procwatch.c#L724