vtysh: fix stack buffer overflow

author Quentin Young <qlyoung@cumulusnetworks.com>

Mon, 19 Jun 2017 20:34:22 +0000 (20:34 +0000)

committer Quentin Young <qlyoung@cumulusnetworks.com>

Mon, 19 Jun 2017 20:37:43 +0000 (20:37 +0000)
author Quentin Young <qlyoung@cumulusnetworks.com>
Mon, 19 Jun 2017 20:34:22 +0000 (20:34 +0000)
committer Quentin Young <qlyoung@cumulusnetworks.com>
Mon, 19 Jun 2017 20:37:43 +0000 (20:37 +0000)
diff --git a/vtysh/vtysh.c b/vtysh/vtysh.c

index ffdfd5d7254172ed7294fb6609f772658826e3c2..76c7702fa0a83ca2cc753da635da3f07103726f9 100644 (file)
--- a/vtysh/vtysh.c
+++ b/vtysh/vtysh.c
@@ -2029,17 +2029,19 @@ DEFUNSH (VTYSH_INTERFACE,
  DEFUN (vtysh_show_thread,
         vtysh_show_thread_cmd,
         "show thread cpu [FILTER]",
-      SHOW_STR
-      "Thread information\n"
-      "Thread CPU usage\n"
-      "Display filter (rwtexb)\n")
+       SHOW_STR
+       "Thread information\n"
+       "Thread CPU usage\n"
+       "Display filter (rwtexb)\n")
  {
-  int idx_filter = 3;
    unsigned int i;
+  int idx = 0;
    int ret = CMD_SUCCESS;
    char line[100];
  
-  sprintf(line, "show thread cpu %s\n", (argc == 4) ? argv[idx_filter]->arg : "");
+  const char *filter = argv_find (argv, argc, "FILTER", &idx) ? argv[idx]->arg : "";
+
+  snprintf(line, sizeof(line), "do show thread cpu %s\n", filter);
    for (i = 0; i < array_size(vtysh_client); i++)
      if ( vtysh_client[i].fd >= 0 )
        {
author	Quentin Young <qlyoung@cumulusnetworks.com>
	Mon, 19 Jun 2017 20:34:22 +0000 (20:34 +0000)
committer	Quentin Young <qlyoung@cumulusnetworks.com>
	Mon, 19 Jun 2017 20:37:43 +0000 (20:37 +0000)