util: virhostmem: do not use scanf without field limits

We use an array of size VIR_NODE_MEMORY_STATS_FIELD_LENGTH
to store the string read from sysfs, but pass unbound "%s"
to sscanf.

Make the array larger by one and simply stringify that
constant as the field width specifier.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Martin Kletzander <mkletzan@redhat.com>

diff --git a/src/util/virhostmem.c b/src/util/virhostmem.c
index 9097716f546b0475f54c86e693c61b71dc4fbf1c..2f60e2a25039c86be49d660716cc50cf9709ecff 100644 (file)
--- a/src/util/virhostmem.c
+++ b/src/util/virhostmem.c
@@ -148,7 +148,7 @@ virHostMemGetStatsLinux(FILE *meminfo,
     int found = 0;
     int nr_param;
     char line[1024];
-    char meminfo_hdr[VIR_NODE_MEMORY_STATS_FIELD_LENGTH];
+    char meminfo_hdr[VIR_NODE_MEMORY_STATS_FIELD_LENGTH + 1];
     unsigned long val;
     struct field_conv {
         const char *meminfo_hdr;  /* meminfo header */
@@ -207,8 +207,10 @@ virHostMemGetStatsLinux(FILE *meminfo,
             buf = p;
         }
 
-        if (sscanf(buf, "%s %lu kB", meminfo_hdr, &val) < 2)
+# define MEM_MAX_LEN G_STRINGIFY(VIR_NODE_MEMORY_STATS_FIELD_LENGTH)
+        if (sscanf(buf, "%" MEM_MAX_LEN "s %lu kB", meminfo_hdr, &val) < 2)
             continue;
+# undef MEM_MAX_LEN
 
         for (j = 0; field_conv[j].meminfo_hdr != NULL; j++) {
             struct field_conv *convp = &field_conv[j];