!700 添加检查sscanf函数的返回值，防止返回值是EOF错误引发问题

From: @protkhn Reviewed-by: @xujing99 Signed-off-by: @xujing99
2024-08-16 07:07:48 +00:00 · 2024-08-16 07:07:48 +00:00 · 0c7ade0127
commit 0c7ade0127
parent 35c87d3a05 1e8ef58a6f
2 changed files with 35 additions and 1 deletions
--- a/backport-fix-cgtop-sscanf-return-code-checks.patch
+++ b/backport-fix-cgtop-sscanf-return-code-checks.patch
@ -0,0 +1,30 @@
+From bab356f5a0b8d4a43a71076c2333ff4da7ed737e Mon Sep 17 00:00:00 2001
+From: Luca Boccassi <bluca@debian.org>
+Date: Fri, 19 Jan 2024 15:12:49 +0000
+Subject: [PATCH] cgtop: fix sscanf return code checks
+
+sscanf can return EOF on error, so check that we get a result instead.
+
+CodeQL#2386 and CodeQL#2387
+
+(cherry picked from commit 204d52c4b79eb19d2919cb5214e999c58a6679c6)
+---
+ src/cgtop/cgtop.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/cgtop/cgtop.c b/src/cgtop/cgtop.c
+index e34da7cf728..ca514554408 100644
+--- a/src/cgtop/cgtop.c
+++ b/src/cgtop/cgtop.c
+@@ -310,9 +310,9 @@ static int process(
+ 
+                         if (all_unified) {
+                                 while (!isempty(l)) {
+-                                        if (sscanf(l, "rbytes=%" SCNu64, &k))
+                                        if (sscanf(l, "rbytes=%" SCNu64, &k) == 1)
+                                                 rd += k;
+-                                        else if (sscanf(l, "wbytes=%" SCNu64, &k))
+                                        else if (sscanf(l, "wbytes=%" SCNu64, &k) == 1)
+                                                 wr += k;
+ 
+                                         l += strcspn(l, WHITESPACE);
--- a/systemd.spec
+++ b/systemd.spec
@ -25,7 +25,7 @@
 Name:           systemd
 Url:            https://systemd.io/
 Version:        249
-Release:        83
+Release:        84
 License:        MIT and LGPLv2+ and GPLv2+
 Summary:        System and Service Manager

@ -677,6 +677,7 @@ Patch6624:      backport-unit-don-t-gc-unit-in-oom-queue.patch
 Patch6625:      backport-core-do-not-GC-units-jobs-that-are-in-the-D-Bus-queu.patch
 Patch6626:      backport-Update-hwdb.patch
 Patch6627:      backport-sd-event-fix-fd-leak-when-fd-is-owned-by-IO-event-so.patch
+Patch6628:      backport-fix-cgtop-sscanf-return-code-checks.patch

 Patch9001:      update-rtc-with-system-clock-when-shutdown.patch
 Patch9002:      udev-add-actions-while-rename-netif-failed.patch
@ -2191,6 +2192,9 @@ grep -q -E '^KEYMAP="?fi-latin[19]"?' /etc/vconsole.conf 2>/dev/null &&
 /usr/bin/systemd-cryptenroll

 %changelog
+* Thu Aug 1 2024 Han Jinpeng <hanjinpeng@kylinos.cn> - 249-84
+- backport: fix cgtop sscanf return code checks
+
 * Thu Jul 18 2024 gengqihu <gengqihu2@h-partners.com> - 249-83
 - add backport-sd-event-fix-fd-leak-when-fd-is-owned-by-IO-event-so.patch