cve-2016-10044: Check sscanf matches and syntax fixups

The test appears to work, but we were not checking that sscanf fills the expected number of fields. Also the trailing 7 probably had no effect, but is a confusing typo. Signed-off-by: Richard Palethorpe <[email protected]> Reported-by: Avinesh Kumar <[email protected]> Reviewed-by: Cyril Hrubis <[email protected]>
Avinesh · Sep 5, 2023 · fbed96c · fbed96c
1 parent 08eadc6
commit fbed96c
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/testcases/cve/cve-2016-10044.c b/testcases/cve/cve-2016-10044.c
@@ -19,7 +19,7 @@
 #include "tst_safe_stdio.h"
 #include "lapi/syscalls.h"
 
-static FILE *f;
+static FILE * f;
 
 static void cleanup(void)
 {
@@ -29,7 +29,7 @@ static void cleanup(void)
 
 static void run(void)
 {
-	void* ctx = 0;
+	void *ctx = 0;
 	char perms[8], line[BUFSIZ];
 
 	SAFE_PERSONALITY(READ_IMPLIES_EXEC);
@@ -44,7 +44,7 @@ static void run(void)
 	tst_brk(TCONF, "Could not find mapping in /proc/self/maps");
 
 found_mapping:
-	if (sscanf(line, "%*x-%*x %s7", perms) < 0)
+	if (sscanf(line, "%*x-%*x %s", perms) != 1)
 		tst_brk(TBROK, "failed to find permission string in %s", line);
 	if (strchr(perms, (int)'x'))
 		tst_res(TFAIL, "AIO mapping is executable: %s!", perms);