From: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Date: Wed, 10 Aug 2022 16:59:19 +0000 (-0600)
Subject: api.c: add precision to fscanf(), in cgroup_get_current_controller_path()
X-Git-Tag: v2.0.3~20
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a56103d2f833e3a1ba532d2a8b0b222fd1cd1bfd;p=thirdparty%2Flibcgroup.git

api.c: add precision to fscanf(), in cgroup_get_current_controller_path()

Fix calling risky function warning, reported by Coverity tool:

CID 258301 (#1 of 1): Calling risky function
(DC.STREAM_BUFFER)dont_call: fscanf assumes an arbitrarily long string,
so callers must use correct precision specifiers or never use fscanf.

As per secure coding standard, using '%s' in the fscanf() is not
recommend, hence fix it by using the precision of macro
FILENAME_MAX borrowed from Linux Kernel for the maximum
allowed controller/subsys_name length.

Signed-off-by: Kamalesh Babulal <kamalesh.babulal@oracle.com>
Signed-off-by: Tom Hromatka <tom.hromatka@oracle.com>
(cherry picked from commit ac05eb49c498aa5047070a4620456fa7a10e1910)
TJH: Small fix in the commit comment.
---

diff --git a/src/api.c b/src/api.c
index 02257905..6feff3a5 100644
--- a/src/api.c
+++ b/src/api.c
@@ -4453,7 +4453,11 @@ int cgroup_get_current_controller_path(pid_t pid, const char *controller,
 		char *savedptr;
 		char *token;
 
-		ret = fscanf(pid_cgroup_fd, "%d:%[^:]:%s\n", &num, controllers,
+		/*
+		 * 4096 == FILENAME_MAX, keeping the coverity happy with precision
+		 * for the cgroup_path.
+		 */
+		ret = fscanf(pid_cgroup_fd, "%d:%[^:]:%4096s\n", &num, controllers,
 				cgroup_path);
 		/*
 		 * Magic numbers like "3" seem to be integrating into