diff options
author | Alan Coopersmith <alan.coopersmith@oracle.com> | 2011-11-22 22:58:52 -0800 |
---|---|---|
committer | Alan Coopersmith <alan.coopersmith@oracle.com> | 2011-11-30 18:56:36 -0800 |
commit | c358556c1badee4d8b75e23f1cd84abff393b6ac (patch) | |
tree | d27a6d896575bd8dac7995658ff4aaf41a17273e | |
parent | 24d38c420d5d60c988f07dd25f7fa81171dac64f (diff) |
Add size limit to scanf string specifier
While it's tempting to just switch to fgets(), that would require
implementing our own whitespace stripping to match the current
scanf behavior.
Fixes parfait static analysis warning:
Error: Buffer overrun
Buffer overflow (CWE 120): Use of fscanf(%s), with buffer 'buf'
at line 135 of app/xsm/lock.c in function 'GetLockId'.
[ This bug was found by the Parfait 0.3.7 bug checking tool.
For more information see http://labs.oracle.com/projects/parfait/ ]
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>
-rw-r--r-- | lock.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -132,7 +132,7 @@ GetLockId(const char *session_name) } buf[0] = '\0'; - fscanf (fp, "%s\n", buf); + fscanf (fp, "%255s\n", buf); ret = XtNewString (buf); fclose (fp); |