Skip to content

Commit

Permalink
Fix memory overflow if the name of an environment is larger than 500 …
Browse files Browse the repository at this point in the history 
…characters. Bug found by Adam Sampson.
  • Loading branch information
@kmatheussen
kmatheussen committed Apr 1, 2015
1 parent 2e76a01 commit bd20bb0
Showing 1 changed file with 9 additions and 1 deletion.
10 changes: 9 additions & 1 deletion das_watchdog.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -306,7 +306,9 @@ static int checksoftirq(int force){


static char *get_pid_environ_val(pid_t pid,char *val){
char temp[500];
int temp_size = 500;
char *temp = malloc(temp_size);

int i=0;
int foundit=0;
FILE *fp;
Expand All @@ -319,6 +321,12 @@ static char *get_pid_environ_val(pid_t pid,char *val){


for(;;){

if (i >= temp_size) {
temp_size *= 2;
temp = realloc(temp, temp_size);
}

temp[i]=fgetc(fp);

if(foundit==1 && (temp[i]==0 || temp[i]=='\0' || temp[i]==EOF)){
Expand Down

0 comments on commit bd20bb0

Please sign in to comment.