Commit 72adfde6 authored by chrfranke's avatar chrfranke
Browse files

smartctl.cpp: Fix possible buffer overflow (#1546).

An overflow of 1-2 bytes occurred only if the '-n' option
was specified with an invalid argument.

git-svn-id: https://svn.code.sf.net/p/smartmontools/code/trunk@5260 4ea69e1a-61f1-4043-bf83-b5c94c648137
parent 41c67b33
$Id$
2021-11-29 Christian Franke <franke@computer.org>
smartctl.cpp: Fix possible buffer overflow (#1546).
An overflow of 1-2 bytes occurred only if the '-n' option
was specified with an invalid argument.
2021-11-28 Christian Franke <franke@computer.org>
smartd.cpp: Fix write of ATA attributes to state files.
......
......@@ -871,7 +871,7 @@ static int parse_options(int argc, char** argv, const char * & type,
else {
int n1 = -1, n2 = -1, n3 = -1, len = strlen(optarg);
char s[7+1]; unsigned i = FAILPOWER, j = 0;
sscanf(optarg, "%9[a-z]%n,%u%n,%u%n", s, &n1, &i, &n2, &j, &n3);
sscanf(optarg, "%7[a-z]%n,%u%n,%u%n", s, &n1, &i, &n2, &j, &n3);
if (!((n1 == len || n2 == len || n3 == len) && i <= 255 && j <= 255))
badarg = true;
else if (!strcmp(s, "sleep")) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment