From patchwork Sat Dec  8 18:57:28 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Paul Pluzhnikov <ppluzhnikov@google.com>
X-Patchwork-Id: 30591
Received: (qmail 85457 invoked by alias); 8 Dec 2018 18:58:00 -0000
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <libc-alpha.sourceware.org>
List-Unsubscribe: <mailto:libc-alpha-unsubscribe-##L=##H@sourceware.org>
List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/libc-alpha/>
List-Post: <mailto:libc-alpha@sourceware.org>
List-Help: <mailto:libc-alpha-help@sourceware.org>,
	<http://sourceware.org/ml/#faqs>
Sender: libc-alpha-owner@sourceware.org
Delivered-To: mailing list libc-alpha@sourceware.org
Received: (qmail 85405 invoked by uid 89); 8 Dec 2018 18:57:59 -0000
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-34.9 required=5.0 tests=BAYES_00,
	ENV_AND_HDR_SPF_MATCH, GIT_PATCH_0, GIT_PATCH_1, GIT_PATCH_2,
	GIT_PATCH_3, RCVD_IN_DNSWL_NONE, SPF_PASS,
	USER_IN_DEF_SPF_WL autolearn=ham version=3.3.2 spammy=449,
	Hx-languages-length:1416
X-HELO: mail-yw1-f54.google.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20161025;
	h=mime-version:from:date:message-id:subject:to:cc;
	bh=tp30W9Qa6myKCyITXnLvu6uvw1Cx0gx+Mk3H6D1LcmI=;
	b=O7Td41z3+ku5wuLoQHynZZIM/NtBlYYiGDj8C1+ODu87mKuMGVZwPIuJCFKwCsi/8r
	mxYwbzv3aRyHAnOU8SIX7ZD7o66NENNTRtk2O/n/gbNLh2u3KisYvYIrgeApjY5and7n
	f7vIwHEaa2CQA9D6OTfR29m5Z/JVjK6pxX3WPGSTpggteptcoyvYjsC52u2Hpu3KbeFn
	9CRn0uqU/9w72kFwKV+e2dwGfh04hkSavdOw5z9zykjiqnxJKD7N/F1f6xQ7Ysuzkk9f
	sl/YA8yA135FKZPffezUSSPaZ6maaGjuCnhypXgfIllo2lD6mXxmrKZLtA87lLx6W1eS
	AWIQ==
MIME-Version: 1.0
From: Paul Pluzhnikov <ppluzhnikov@google.com>
Date: Sat, 8 Dec 2018 10:57:28 -0800
Message-ID: 
 <CALoOobNGOWqcOuirHR5k3r5rWtGGCSwP8pQvNWUB1J+5cx-hwg@mail.gmail.com>
Subject: [PATCH] Fix potential stack overflow [BZ #23490]
To: GLIBC Devel <libc-alpha@sourceware.org>
Cc: "H.J. Lu" <hjl.tools@gmail.com>

Ok for trunk?

Thanks,

diff --git a/ChangeLog b/ChangeLog
index 7c4b061ec5..03cbe04ddb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2018-12-08  Paul Pluzhnikov  <ppluzhnikov@google.com>
+
+	[BZ #23490]
+	* sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c
+	(do_test): Adjust buffer size and fix format.
+
 2018-12-07  DJ Delorie  <dj@redhat.com>
 
 	[BZ #23907]
diff --git a/sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c b/sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c
index 0531074ceb..259ef44eb8 100644
--- a/sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c
+++ b/sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c
@@ -44,9 +44,9 @@ sig_handler (int signo)
 static int
 do_test (void)
 {
-  char buf[20];
+  char buf[4];
 
-  if (scanf ("%20s", buf) != 1)
+  if (scanf ("%3s", buf) != 1)
     FAIL_UNSUPPORTED ("IBT not supported");
 
   if (strcmp (buf, "IBT") != 0)