[Mesa-dev] [Bug 105274] Possible buffer overflow in in gallium/auxiliary/hud/hud_cpufreq.c

Tue Feb 27 18:47:48 UTC 2018

https://bugs.freedesktop.org/show_bug.cgi?id=105274

            Bug ID: 105274
           Summary: Possible buffer overflow in in
                    gallium/auxiliary/hud/hud_cpufreq.c
           Product: Mesa
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: medium
         Component: Other
          Assignee: mesa-dev at lists.freedesktop.org
          Reporter: vesim809 at gmail.com
        QA Contact: mesa-dev at lists.freedesktop.org

It is possible to overflow cpufreq_info::name and cpufreq_info::sysfs_filename
inside add_object function. It require to somehow(ex. inside chroot) create
custom directory inside `/sys/devices/system/cpu/` named like
cpu0<custom_data_here>` and it will pass: 
      if (sscanf(dp->d_name, "cpu%d\n", &cpu_index) != 1)
         continue;
inside hud_get_num_cpufreq function.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/mesa-dev/attachments/20180227/61293a94/attachment.html>