RFR: 8329961: Buffer overflow in os::Linux::kernel_version [v3]
Johan Sjölen
jsjolen at openjdk.org
Wed Apr 10 09:17:10 UTC 2024
On Tue, 9 Apr 2024 14:48:13 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:
> Hmm, wouldn't sscanf be simpler and safer? No need to factor out the parser. IMHO no need to even add a gtest since parsing would be really simple and not loop based. E.g.
>
> ```
> if (sscanf(release, "%d.%d", &major, &minor) != 2) {
> log_warning blabla
> }
> ```
>
> As a bonus, you avoid accidental conversion from hex numbers and such that strtol provides and that we don't really want here.
Hi, according to the C11 standard (and my man pages) it is UB to call the scanf-family of functions with "invalid" data and `strtol` is recommended instead. So, unfortunately, it might not be safer.
Another thing: We shouldn't call `uname`. Reading `/proc/sys/kernel/osrelease` is sufficient.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/18697#issuecomment-2046985347
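
An added example, not part of the original message or of the JDK patch: a `strtol`-based parser for the leading `major.minor` of a release string that handles both concerns raised in the thread (out-of-range input and hex acceptance). The names `parse_field` and `parse_kernel_release` and the sample strings are hypothetical.

```c
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical helper: parse one non-negative decimal field, rejecting
 * signs, leading whitespace and values that do not fit in an int. */
static int parse_field(const char **p, int *out) {
    if (!isdigit((unsigned char)**p)) return -1;   /* strtol alone would accept " +5" */
    char *end;
    errno = 0;
    long v = strtol(*p, &end, 10);   /* base 10: "0x10" yields 0 and stops at 'x' */
    if (errno == ERANGE || v > INT_MAX) return -1; /* overflow is reported, not UB */
    *out = (int)v;
    *p = end;
    return 0;
}

/* Parse "major.minor" from the start of a release string.
 * Returns 0 on success, -1 if malformed; outputs are untouched on failure. */
int parse_kernel_release(const char *release, int *major, int *minor) {
    int maj, min;
    const char *p = release;
    if (p == NULL || parse_field(&p, &maj) != 0) return -1;
    if (*p != '.') return -1;        /* also rejects the 'x' left over from "0x10" */
    p++;
    if (parse_field(&p, &min) != 0) return -1;
    *major = maj;
    *minor = min;
    return 0;
}

int main(void) {
    /* Constructed sample inputs, not taken from a real system. */
    const char *samples[] = { "6.5.0-27-generic", "5.15", "0x10.4",
                              "99999999999999999999.1", "6" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
        int maj = -1, min = -1;
        int rc = parse_kernel_release(samples[i], &maj, &min);
        printf("%-24s rc=%d major=%d minor=%d\n", samples[i], rc, maj, min);
    }
    return 0;
}
```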