From: Paul Pluzhnikov <ppluzhnikov@google.com>
Date: Sat, 8 Dec 2018 18:46:59 +0000 (-0800)
Subject: Fix potential stack overflow [BZ #23490]
X-Git-Tag: glibc-2.29~222
X-Git-Url: https://sourceware.org/git/?a=commitdiff_plain;h=b93f4052fc171f456c8f594d4ae4aeb02ec5b3b6;p=glibc.git

Fix potential stack overflow [BZ #23490]

Since we are expecting the exact "IBT" string, adjust stack buffer size
and scanf format accordingly.
---

diff --git a/ChangeLog b/ChangeLog
index 7c4b061ec5..03cbe04ddb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2018-12-08  Paul Pluzhnikov  <ppluzhnikov@google.com>
+
+	[BZ #23490]
+	* sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c
+	(do_test): Adjust buffer size and fix format.
+
 2018-12-07  DJ Delorie  <dj@redhat.com>
 
 	[BZ #23907]
diff --git a/sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c b/sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c
index 0531074ceb..259ef44eb8 100644
--- a/sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c
+++ b/sysdeps/unix/sysv/linux/x86/tst-cet-property-2.c
@@ -44,9 +44,9 @@ sig_handler (int signo)
 static int
 do_test (void)
 {
-  char buf[20];
+  char buf[4];
 
-  if (scanf ("%20s", buf) != 1)
+  if (scanf ("%3s", buf) != 1)
     FAIL_UNSUPPORTED ("IBT not supported");
 
   if (strcmp (buf, "IBT") != 0)