According to Jim Meyering on 2/25/2010 11:30 AM:

ACK on plugging the leak. However,...

> @@ -979,18 +980,12 @@ int openvzGetVEID(const char *name) { > return -1; > } > > - if (fscanf(fp, "%d\n", &veid ) != 1) { > + ok = fscanf(fp, "%d\n", &veid ) == 1;

You're still keeping with fscanf. Isn't that dangerous, since fscanf is undefined in the presence of integer overflow (that is, if fp sends more decimal digits than fit in veid)? This seems like one of the reasons that coreutils completely prohibits *scanf (another being buffer overflow exploits with %s, but that's not relevant to this chunk of code).

--
Eric Blake eblake@xxxxxxxxxx +1-801-349-2682
Libvirt virtualization library http://libvirt.org
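
Review bot: at `ok = fscanf(fp, "%d\n", &veid ) == 1;` the `%d` conversion is still unbounded, so a digit string too large for veid is undefined behaviour rather than a detectable failure, and `ok` cannot be relied on to report it. Suggest reading the line into a fixed-size buffer with fgets and converting with strtol, checking errno for ERANGE and that the result fits in an int before storing it in veid. The "\n" in the format also matches any run of whitespace rather than exactly one newline, so it does not validate the line ending.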
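
Added example, not code from this thread or from libvirt: one way to read the ID without fscanf, so that more digits than fit in an int are rejected instead of being undefined. The names `parse_veid_line` and `read_veid`, the buffer size and the sample inputs are hypothetical.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Parse a decimal int from `line`, allowing only trailing whitespace.
 * Returns 0 and stores the value on success; returns -1 on malformed
 * or out-of-range input (the case where fscanf("%d") is undefined). */
int parse_veid_line(const char *line, int *veid)
{
    char *end;
    long val;

    errno = 0;
    val = strtol(line, &end, 10);
    if (end == line)                        /* no digits at all */
        return -1;
    if (errno == ERANGE || val < INT_MIN || val > INT_MAX)
        return -1;                          /* does not fit in an int */
    while (*end == ' ' || *end == '\t' || *end == '\r' || *end == '\n')
        end++;
    if (*end != '\0')                       /* trailing garbage, e.g. "12abc" */
        return -1;
    *veid = (int)val;
    return 0;
}

/* Read one line from fp into a bounded buffer, then parse it. */
int read_veid(FILE *fp, int *veid)
{
    char buf[32];

    if (fgets(buf, sizeof(buf), fp) == NULL)
        return -1;
    if (strchr(buf, '\n') == NULL && !feof(fp))
        return -1;                          /* line longer than the buffer */
    return parse_veid_line(buf, veid);
}

int main(void)
{
    /* Constructed sample inputs, not taken from a real system. */
    const char *samples[] = { "101\n", "99999999999999999999\n", "12abc\n", "\n" };
    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        int veid = 0;
        printf("rc=%d\n", parse_veid_line(samples[i], &veid));
    }
    return 0;
}
```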