rsyslog.conf size should be checked before malloc for file content. Signed-off-by: Wenkai Lin <linwenkai6@hisilicon.com> --- wd.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/wd.c b/wd.c index ba73fd1..bb85d2e 100644 --- a/wd.c +++ b/wd.c @@ -21,6 +21,7 @@ #include "wd.h" #include "wd_alg.h" #define SYS_CLASS_DIR "/sys/class/uacce" +#define FILE_MAX_SIZE (8 << 20) enum UADK_LOG_LEVEL { WD_LOG_NONE = 0, @@ -67,6 +68,11 @@ static void wd_parse_log_level(void) goto close_file; } + if (file_info.st_size > FILE_MAX_SIZE) { + WD_ERR("failed to check rsyslog.conf size.\n"); + goto close_file; + } + file_contents = malloc(file_info.st_size); if (!file_contents) { WD_ERR("failed to get file contents memory.\n"); -- 2.33.0