From kde-commits Fri Dec 06 15:12:16 2002 From: Lubos Lunak Date: Fri, 06 Dec 2002 15:12:16 +0000 To: kde-commits Subject: kdeutils/klaptopdaemon [POSSIBLY UNSAFE] X-MARC-Message: https://marc.info/?l=kde-commits&m=103918764812251 CVS commit by lunakl: Max size limit for scanf(). Not that I expect this to overflow, but %s in scanf() without a size limit is simply baaaaad. M +2 -2 portable.cpp 1.34 [POSSIBLY UNSAFE] --- kdeutils/klaptopdaemon/portable.cpp:1.33 Fri Nov 29 04:37:47 2002 @@ -1,7 +1,7 @@ /* * portable.cpp * - * $Id: portable.cpp,v 1.33 2002/11/29 03:37:47 staikos Exp $ + * $Id: portable.cpp,v 1.34 2002/12/06 15:12:16 lunakl Exp $ * * Copyright (c) 1999 Paul Campbell * @@ -104,7 +104,7 @@ f = fopen("/proc/apm", "r"); if (f == NULL) return(1); - s = fscanf(f, "%s %d.%d %x %x %x %x %d%% %d %s\n", + s = fscanf(f, "%255s %d.%d %x %x %x %x %d%% %d %s\n", version, &tmp, &tmp,
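Review bot: The last conversion in the `fscanf()` format string on `/proc/apm` is still a bare `%s`; only the first one received a width in this hunk. The argument list is cut off after `version, &tmp, &tmp,`, so the buffer that receives the final field is not visible here, but it should get a width of one less than its size, the same way `version` did. Two related checks: `%255s` stores up to 255 characters plus a terminating NUL, so `version` must be declared with at least 256 bytes (its declaration is outside the hunk), and the count returned in `s` should be compared against the expected number of conversions before any of the parsed fields are used.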