commit 5b9437df99b0351d7e94a61c9f599d9031f24c08
author Elliott Hughes <enh@google.com> Tue Dec 10 17:35:25 2013 -0800
committer Android Git Automerger <android-git-automerger@android.com> Tue Dec 10 17:35:25 2013 -0800
tree 192670407686a1757320101334b49f53f74ae221
parent f70d7b9aced31b978b63c4cfb2a5efee31436ba8
parent 4a72b3064cecc85c56b8d75bb4a2d9fedbf76ec8

am 4a72b306: Merge "fix possible buffer overrun and memory leak"

* commit '4a72b3064cecc85c56b8d75bb4a2d9fedbf76ec8':
  fix possible buffer overrun and memory leak

core/jni/android_util_Binder.cpp

diff --git a/core/jni/android_util_Binder.cpp b/core/jni/android_util_Binder.cpp
index 3ac2225..259d030 100644
--- a/core/jni/android_util_Binder.cpp
+++ b/core/jni/android_util_Binder.cpp
@@ -943,13 +943,20 @@
 }
 
 static int getprocname(pid_t pid, char *buf, size_t len) {
-    char filename[20];
+    char filename[32];
     FILE *f;
 
-    sprintf(filename, "/proc/%d/cmdline", pid);
+    snprintf(filename, sizeof(filename), "/proc/%d/cmdline", pid);
     f = fopen(filename, "r");
-    if (!f) { *buf = '\0'; return 1; }
-    if (!fgets(buf, len, f)) { *buf = '\0'; return 2; }
+    if (!f) {
+        *buf = '\0';
+        return 1;
+    }
+    if (!fgets(buf, len, f)) {
+        *buf = '\0';
+        fclose(f);
+        return 2;
+    }
     fclose(f);
     return 0;
 }