A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.
no limitation for "%s" while calling fscanf() #265
Open
QiAnXinCodeSafe opened 5 years ago
https://github.com/cisco/joy/blob/5dd5b71bc1fe71ff0d0cf1b6263e6f5449cd622d/src/procwatch.c#L546
dummy_string defined here: https://github.com/cisco/joy/blob/5dd5b71bc1fe71ff0d0cf1b6263e6f5449cd622d/src/procwatch.c#L520
macro PID_MAX_LEN defined here: https://github.com/cisco/joy/blob/5dd5b71bc1fe71ff0d0cf1b6263e6f5449cd622d/src/procwatch.c#L513
no limitation for "%s" while calling fscanf() may cause overwrite.
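
The bounded form of the call this issue reports, as an added example (not code from joy or from the issue author): `%s` gets an explicit field width one less than the buffer size, and an oversized token is reported as truncated instead of written past the buffer. `FIELD_WIDTH`, `FIELD_BUF_LEN`, `read_field` and `demo_read` are hypothetical names, and the sizes are assumed, not joy's real `PID_MAX_LEN`.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical sizes; joy's real PID_MAX_LEN value is in procwatch.c. */
#define FIELD_WIDTH   15                 /* max characters stored by %s */
#define FIELD_BUF_LEN (FIELD_WIDTH + 1)  /* plus the NUL that %s appends */
#define STR_(x) #x
#define STR(x)  STR_(x)                  /* expands FIELD_WIDTH to "15" */

/* Unbounded form: fscanf(fp, "%s", out) writes past out on a long token.
 * Bounded form below returns 0 on success, 1 if the token was truncated
 * (the excess is discarded), -1 on EOF or read error. */
int read_field(FILE *fp, char out[FIELD_BUF_LEN])
{
    int c, truncated;
    if (fscanf(fp, "%" STR(FIELD_WIDTH) "s", out) != 1)
        return -1;
    c = fgetc(fp);
    truncated = (c != EOF && !isspace(c));
    while (c != EOF && !isspace(c))      /* drain the rest of the token */
        c = fgetc(fp);
    if (c != EOF)
        ungetc(c, fp);                   /* leave the delimiter unread */
    return truncated;
}

/* Runs read_field over a constructed input string via a temporary file. */
int demo_read(const char *input, char out[FIELD_BUF_LEN])
{
    FILE *fp = tmpfile();
    int rc;
    if (fp == NULL)
        return -2;
    fputs(input, fp);
    rewind(fp);
    rc = read_field(fp, out);
    fclose(fp);
    return rc;
}

int main(void)
{
    char buf[FIELD_BUF_LEN];
    int rc = demo_read("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 4321", buf);
    printf("rc=%d stored=%zu bytes\n", rc, strlen(buf));
    return 0;
}
```

The width has to be a literal in the format string, which is why the buffer size is derived from `FIELD_WIDTH` and not the other way round: stringifying an expression such as `PID_MAX_LEN - 1` would not produce a valid conversion.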