From 910d392806be7457f95aaab73e81abe20772bd05 Mon Sep 17 00:00:00 2001
From: Hannes Eder <heder@google.com>
Date: Thu, 8 Oct 2009 18:06:04 +0200
Subject: conntrack: use fscanf() instead of read() for showing counter

Read an integer right away with fscanf() instead of read()-ing to a
buffer, which was actually to small for the terminating '\0', and
atoi()-ing.  Furthermore read() might not read enough, though unlikely
here.

Signed-off-by: Hannes Eder <heder@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/conntrack.c | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

(limited to 'src/conntrack.c')

diff --git a/src/conntrack.c b/src/conntrack.c
index 8e546ab..eec3868 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -1445,19 +1445,18 @@ int main(int argc, char *argv[])
 		break;
 	case CT_COUNT: {
 #define NF_CONNTRACK_COUNT_PROC "/proc/sys/net/netfilter/nf_conntrack_count"
-		int fd, count;
-		char buf[strlen("2147483647")];	/* INT_MAX */
-		fd = open(NF_CONNTRACK_COUNT_PROC, O_RDONLY);
-		if (fd == -1) {
+		FILE *fd;
+		int count;
+		fd = fopen(NF_CONNTRACK_COUNT_PROC, "r");
+		if (fd == NULL) {
 			exit_error(OTHER_PROBLEM, "Can't open %s",
 				   NF_CONNTRACK_COUNT_PROC);
 		}
-		if (read(fd, buf, sizeof(buf)) == -1) {
+		if (fscanf(fd, "%d", &count) != 1) {
 			exit_error(OTHER_PROBLEM, "Can't read %s",
 				   NF_CONNTRACK_COUNT_PROC);
 		}
-		close(fd);
-		count = atoi(buf);
+		fclose(fd);
 		printf("%d\n", count);
 		break;
 	}
-- 
cgit v1.2.3