From 9bcf7507fab6e6b022ae3cc7178237e6e0a09e9a Mon Sep 17 00:00:00 2001 From: Thomas Hindoe Paaboel Andersen Date: Fri, 26 Sep 2014 21:41:02 +0200 Subject: [PATCH] bootchart: parse userinput with safe_atoi Found by coverity. Fixes: CID#996409 --- src/bootchart/store.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git src/bootchart/store.c src/bootchart/store.c index ed683e8..3099ff1 100644 --- src/bootchart/store.c +++ src/bootchart/store.c @@ -192,12 +192,14 @@ vmstat_next: m = buf; while (m) { + int r; + if (sscanf(m, "%s %*s %*s %*s %*s %*s %*s %s %s", key, rt, wt) < 3) goto schedstat_next; if (strstr(key, "cpu")) { - c = atoi((const char*)(key+3)); - if (c > MAXCPUS) + r = safe_atoi((const char*)(key+3), &c); + if (r < 0 || c > MAXCPUS) /* Oops, we only have room for MAXCPUS data */ break; sampledata->runtime[c] = atoll(rt); -- 1.7.9.2