Lib: Don't trust sscanf()'s %n argument

Don't trust sscanf()'s %n argument just in case the space immediately before it didn't match anything as sscanf() doesn't tell you if it was set. Signed-off-by: David Howells <dhowells@redhat.com>
author: David Howells <dhowells@redhat.com> 2014-01-15 15:07:06 +0000
committer: David Howells <dhowells@redhat.com> 2014-01-15 15:07:06 +0000
commit: 9d22b9b8be886b01d0e929d658b39afc729241eb (patch)
tree: 8bf0f391f0b07c3ae045197c4ef0c3954c28a036
parent: 0a1ab5b7655a988a4b0b80f65f8f980dc94e1dd7 (diff)
download: keyutils-9d22b9b8be886b01d0e929d658b39afc729241eb.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/keyutils.c b/keyutils.c
index 555df55..3922d63 100644
--- a/keyutils.c
+++ b/keyutils.c
@@ -472,9 +472,10 @@ key_serial_t find_key_by_type_and_desc(const char *type, const char *desc,
 		if (*cp)
 			*cp = '\0';
 
+		ndesc = 0;
 		n = sscanf(buf, "%x %*s %*u %*s %*x %*d %*d %s %n",
 			   &id, typebuf, &ndesc);
-		if (n == 2) {
+		if (n == 2 && ndesc > 0 && ndesc <= cp - buf) {
 			if (strcmp(typebuf, type) != 0)
 				continue;
 			kdesc = buf + ndesc;
author	David Howells <dhowells@redhat.com>	2014-01-15 15:07:06 +0000
committer	David Howells <dhowells@redhat.com>	2014-01-15 15:07:06 +0000
commit	9d22b9b8be886b01d0e929d658b39afc729241eb (patch)
tree	8bf0f391f0b07c3ae045197c4ef0c3954c28a036
parent	0a1ab5b7655a988a4b0b80f65f8f980dc94e1dd7 (diff)
download	keyutils-9d22b9b8be886b01d0e929d658b39afc729241eb.tar.gz