From fdfe840e480c56dc1119c31bb4fcc211b1b9b46f Mon Sep 17 00:00:00 2001
From: One Thousand Gnomes <gnomes@lxorguk.ukuu.org.uk>
Date: Tue, 17 Dec 2013 15:07:31 +0000
Subject: [PATCH] cpupower: Fix sscanf robustness in cpufreq-set

The cpufreq-set tool has a missing length check. This is basically
just correctness but still should get fixed.

One of a set of sscanf problems reported by Jackie Chang

Signed-off-by: Alan Cox <alan@linux.intel.com>
[rjw: Subject]
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
---
 tools/power/cpupower/utils/cpufreq-set.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/power/cpupower/utils/cpufreq-set.c b/tools/power/cpupower/utils/cpufreq-set.c
index dd1539eb8c63..a416de80c55e 100644
--- a/tools/power/cpupower/utils/cpufreq-set.c
+++ b/tools/power/cpupower/utils/cpufreq-set.c
@@ -257,7 +257,7 @@ int cmd_freq_set(int argc, char **argv)
 				print_unknown_arg();
 				return -EINVAL;
 			}
-			if ((sscanf(optarg, "%s", gov)) != 1) {
+			if ((sscanf(optarg, "%19s", gov)) != 1) {
 				print_unknown_arg();
 				return -EINVAL;
 			}
-- 
GitLab