From: Karel Zak <kzak@redhat.com>
Date: Fri, 15 Sep 2017 11:30:45 +0000 (+0200)
Subject: uuidparse:fix stack-buffer-overflow [asan]
X-Git-Tag: v2.31-rc1~73
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ae1c9d60083d1e04c601a3ba3c6d19233d0643ed;p=thirdparty%2Futil-linux.git

uuidparse:fix stack-buffer-overflow [asan]

Reported-by: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Karel Zak <kzak@redhat.com>
---

diff --git a/misc-utils/uuidparse.c b/misc-utils/uuidparse.c
index 19bb3f1b91..08ba334156 100644
--- a/misc-utils/uuidparse.c
+++ b/misc-utils/uuidparse.c
@@ -45,6 +45,7 @@
 #include <string.h>
 #include <time.h>
 #include <unistd.h>
+#include <uuid.h>
 
 #include "c.h"
 #include "closestream.h"
@@ -52,7 +53,6 @@
 #include "optutils.h"
 #include "strutils.h"
 #include "timeutils.h"
-#include "uuid.h"
 #include "xalloc.h"
 
 /* column IDs */
@@ -279,8 +279,7 @@ static void print_output(struct control const *const ctrl, int argc,
 	if (i == 0) {
 		char uuid[UUID_STR_LEN];
 
-		while (scanf(" %" stringify_value(UUID_STR_LEN)
-			     "[^ \t\n]%*c", uuid) && !feof(stdin))
+		while (scanf(" %36[^ \t\n]%*c", uuid) && !feof(stdin))
 			fill_table_row(tb, uuid);
 	}
 	scols_print_table(tb);