From: One Thousand Gnomes <gnomes@lxorguk.ukuu.org.uk>
Date: Tue, 17 Dec 2013 15:07:31 +0000 (+0000)
Subject: cpupower: Fix sscanf robustness in cpufreq-set
X-Git-Tag: v3.14-rc1~107^2~1^3~1
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=fdfe840e480c56dc1119c31bb4fcc211b1b9b46f;p=kernel%2Fkernel-generic.git

cpupower: Fix sscanf robustness in cpufreq-set

The cpufreq-set tool has a missing length check. This is basically
just correctness but still should get fixed.

One of a set of sscanf problems reported by Jackie Chang

Signed-off-by: Alan Cox <alan@linux.intel.com>
[rjw: Subject]
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
---

diff --git a/tools/power/cpupower/utils/cpufreq-set.c b/tools/power/cpupower/utils/cpufreq-set.c
index dd1539e..a416de8 100644
--- a/tools/power/cpupower/utils/cpufreq-set.c
+++ b/tools/power/cpupower/utils/cpufreq-set.c
@@ -257,7 +257,7 @@ int cmd_freq_set(int argc, char **argv)
 				print_unknown_arg();
 				return -EINVAL;
 			}
-			if ((sscanf(optarg, "%s", gov)) != 1) {
+			if ((sscanf(optarg, "%19s", gov)) != 1) {
 				print_unknown_arg();
 				return -EINVAL;
 			}