diff options
| author | Quentin Young <qlyoung@cumulusnetworks.com> | 2017-06-19 20:34:22 +0000 |
|---|---|---|
| committer | Quentin Young <qlyoung@cumulusnetworks.com> | 2017-06-19 20:37:43 +0000 |
| commit | c25c61370f6f1a3dc55b821bf271db73bd89f69f (patch) | |
| tree | 4341b2af323389b25925a1a71214f5302964a693 | |
| parent | 2dc1ef552b453d9e2b31599ca8d4c065dc2ccbfc (diff) | |
vtysh: fix stack buffer overflow
VARIABLE accepts arbitrary input
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
| -rw-r--r-- | vtysh/vtysh.c | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/vtysh/vtysh.c b/vtysh/vtysh.c index ffdfd5d725..76c7702fa0 100644 --- a/vtysh/vtysh.c +++ b/vtysh/vtysh.c @@ -2029,17 +2029,19 @@ DEFUNSH (VTYSH_INTERFACE, DEFUN (vtysh_show_thread, vtysh_show_thread_cmd, "show thread cpu [FILTER]", - SHOW_STR - "Thread information\n" - "Thread CPU usage\n" - "Display filter (rwtexb)\n") + SHOW_STR + "Thread information\n" + "Thread CPU usage\n" + "Display filter (rwtexb)\n") { - int idx_filter = 3; unsigned int i; + int idx = 0; int ret = CMD_SUCCESS; char line[100]; - sprintf(line, "show thread cpu %s\n", (argc == 4) ? argv[idx_filter]->arg : ""); + const char *filter = argv_find (argv, argc, "FILTER", &idx) ? argv[idx]->arg : ""; + + snprintf(line, sizeof(line), "do show thread cpu %s\n", filter); for (i = 0; i < array_size(vtysh_client); i++) if ( vtysh_client[i].fd >= 0 ) { |