bug in busybox lock
Hauke Mehrtens
hauke at hauke-m.de
Thu Mar 31 10:07:00 PDT 2022
On 3/31/22 16:11, e9hack wrote:
> Hi,
>
> commit
>
> busybox: fix busybox lock applet pidstr buffer overflow
>
> looks wrong for me:
>
> --- a/package/utils/busybox/patches/220-add_lock_util.patch
> +++ b/package/utils/busybox/patches/220-add_lock_util.patch
> @@ -109,7 +109,7 @@
> + if (!waitonly) {
> + lseek(fd, 0, SEEK_SET);
> + ftruncate(fd, 0);
> -+ sprintf(pidstr, "%d\n", pid);
> ++ snprintf(sizeof(pidstr), pidstr, "%d\n", pid);
> + write(fd, pidstr, strlen(pidstr));
> + close(fd);
> + }
>
> The first parameter in snprintf() must be the buffer and the second the
> length.
>
> Regards,
> Hartmut
Hi Hartmut,
Thanks for the report, I fixed it here:
https://github.com/openwrt/openwrt/commit/d80336e1a970b088c235dcf2773052537e6f5d72
Hauke
More information about the openwrt-devel
mailing list