commit 466b2a3f88ab9604fed5050aa7d81d33f3d3bd0b
Author: Jan Safranek <jsafrane@redhat.com>
Date: Tue Mar 1 12:25:30 2011 +0100
Fix buffer overflow when processing list of controllers from command line (CVE-2011-1006).
Thanks to Nelson Elhage for reporting this issue.
Signed-off-by: Jan Safranek <jsafrane@redhat.com>
diff --git a/src/tools/tools-common.c b/src/tools/tools-common.c
index 4beffcd..7d633be 100644
--- a/src/tools/tools-common.c
+++ b/src/tools/tools-common.c
@@ -79,7 +79,7 @@ int parse_cgroup_spec(struct cgroup_group_spec **cdptr, char *optarg,
}
}
j++;
- } while (temp);
+ } while (temp && j<CG_CONTROLLER_MAX-1);
/* Store path to the cgroup */
strncpy(cdptr[i]->path, pathptr, FILENAME_MAX);