tools/cgsnapshot: Fix ret value in load_list()

The CodeQL reported a warning:
"Incorrect return-value check for a 'scanf'-like function"

More information about the warning:
https://github.com/libcgroup/libcgroup/security/code-scanning/18

Fix the warning by adding an additional "EOF" check for the ret value
from sscanf() in the load_list().

Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>

diff --git a/src/tools/cgsnapshot.c b/src/tools/cgsnapshot.c
index 777dfc1429a80f8cb9d82ebe4f936a15d41b8c7a..0afad1336ba27a0c5a5850d737cae40e4229627c 100644 (file)
--- a/src/tools/cgsnapshot.c
+++ b/src/tools/cgsnapshot.c
@@ -106,6 +106,11 @@ int load_list(char *filename, struct deny_list_type **p_list)
                if (ret == 0)
                        continue;
 
+               if (ret == EOF) {
+                       ret = ECGEOF;
+                       goto err;
+               }
+
                new = (struct deny_list_type *) malloc(sizeof(struct deny_list_type));
                if (new == NULL) {
                        err("ERROR: Memory allocation problem (%s)\n", strerror(errno));