diff options
author | Dan Kalowsky <daniel.kalowsky@intel.com> | 2014-04-28 14:00:44 -0700 |
---|---|---|
committer | Alexandra Yates <alexandra.yates@linux.intel.com> | 2014-05-01 10:02:14 -0700 |
commit | 3ae6e9a83256b10211e5e870eab7fb3bfaf47b30 (patch) | |
tree | 666fab7273932f54cc9d9876d13217af2f5d66d7 | |
parent | 39114b52f325e1b6da3092970d69e6ecfc2f0129 (diff) | |
download | powertop-2.0-3ae6e9a83256b10211e5e870eab7fb3bfaf47b30.tar.gz |
Stop buffer overflow
On some builds of Android, we are seeing entries that overrun this
buffer causing some ill-advised effects. Limiting the buffer copies to
the size of the allocated buffer solves this issue.
-rw-r--r-- | src/process/do_process.cpp | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/process/do_process.cpp b/src/process/do_process.cpp index f7f9765..6caf128 100644 --- a/src/process/do_process.cpp +++ b/src/process/do_process.cpp @@ -856,8 +856,8 @@ void process_update_display(void) format_watts(all_power[i]->Witts(), power, 10); if (!show_power) - strcpy(power, " "); - sprintf(name, "%s", all_power[i]->type()); + strncpy(power, " ", 16); + snprintf(name, 20, "%s", all_power[i]->type()); align_string(name, 14, 20); @@ -867,9 +867,9 @@ void process_update_display(void) usage[0] = 0; if (all_power[i]->usage_units()) { if (all_power[i]->usage() < 1000) - sprintf(usage, "%5.1f%s", all_power[i]->usage(), all_power[i]->usage_units()); + snprintf(usage, 20, "%5.1f%s", all_power[i]->usage(), all_power[i]->usage_units()); else - sprintf(usage, "%5i%s", (int)all_power[i]->usage(), all_power[i]->usage_units()); + snprintf(usage, 20, "%5i%s", (int)all_power[i]->usage(), all_power[i]->usage_units()); } align_string(usage, 14, 20); @@ -878,7 +878,7 @@ void process_update_display(void) if (!all_power[i]->show_events()) events[0] = 0; else if (all_power[i]->events() <= 0.3) - sprintf(events, "%5.2f", all_power[i]->events()); + snprintf(events, 20, "%5.2f", all_power[i]->events()); align_string(events, 12, 20); wprintw(win, "%s %s %s %s %s\n", power, usage, events, name, pretty_print(all_power[i]->description(), descr, 128)); |