app/xsm - X Session Manager

diff options

author	Alan Coopersmith <alan.coopersmith@oracle.com>	2011-11-22 22:58:52 -0800
committer	Alan Coopersmith <alan.coopersmith@oracle.com>	2011-11-30 18:56:36 -0800
commit	c358556c1badee4d8b75e23f1cd84abff393b6ac (patch)
tree	d27a6d896575bd8dac7995658ff4aaf41a17273e /signals.c
parent	24d38c420d5d60c988f07dd25f7fa81171dac64f (diff)

Add size limit to scanf string specifier

While it's tempting to just switch to fgets(), that would require implementing our own whitespace stripping to match the current scanf behavior. Fixes parfait static analysis warning: Error: Buffer overrun Buffer overflow (CWE 120): Use of fscanf(%s), with buffer 'buf' at line 135 of app/xsm/lock.c in function 'GetLockId'. [ This bug was found by the Parfait 0.3.7 bug checking tool. For more information see http://labs.oracle.com/projects/parfait/ ] Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com> Reviewed-by: Jeremy Huddleston <jeremyhu@apple.com>

Diffstat (limited to 'signals.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: