Skip to content

Commit bd20bb0

Browse files
committed
Fix memory overflow if the name of an environment is larger than 500 characters. Bug found by Adam Sampson.
1 parent 2e76a01 commit bd20bb0

File tree

1 file changed

+9
-1
lines changed

1 file changed

+9
-1
lines changed

Diff for: das_watchdog.c

+9-1
Original file line numberDiff line numberDiff line change
@@ -306,7 +306,9 @@ static int checksoftirq(int force){
306306

307307

308308
static char *get_pid_environ_val(pid_t pid,char *val){
309-
char temp[500];
309+
int temp_size = 500;
310+
char *temp = malloc(temp_size);
311+
310312
int i=0;
311313
int foundit=0;
312314
FILE *fp;
@@ -319,6 +321,12 @@ static char *get_pid_environ_val(pid_t pid,char *val){
319321

320322

321323
for(;;){
324+
325+
if (i >= temp_size) {
326+
temp_size *= 2;
327+
temp = realloc(temp, temp_size);
328+
}
329+
322330
temp[i]=fgetc(fp);
323331

324332
if(foundit==1 && (temp[i]==0 || temp[i]=='\0' || temp[i]==EOF)){

0 commit comments

Comments
 (0)