'kdeutils/klaptopdaemon [POSSIBLY UNSAFE]'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-commits
Subject:    kdeutils/klaptopdaemon [POSSIBLY UNSAFE]
From:       Lubos Lunak <l.lunak () kde ! org>
Date:       2002-12-06 15:12:16
[Download RAW message or body]

CVS commit by lunakl: 

Max size limit for scanf(). Not that I expect this to overflow, but %s
in scanf() without a size limit is simply baaaaad.


  M +2 -2      portable.cpp   1.34 [POSSIBLY UNSAFE]


--- kdeutils/klaptopdaemon/portable.cpp:1.33	Fri Nov 29 04:37:47 2002
@@ -1,7 +1,7 @@
 /*
  * portable.cpp
  *
- * $Id: portable.cpp,v 1.33 2002/11/29 03:37:47 staikos Exp $
+ * $Id: portable.cpp,v 1.34 2002/12/06 15:12:16 lunakl Exp $
  *
  * Copyright (c) 1999 Paul Campbell <paul@taniwha.com>
  *
@@ -104,7 +104,7 @@
 	f = fopen("/proc/apm", "r");
 	if (f == NULL)
 		return(1);
-	s = fscanf(f, "%s %d.%d %x %x %x %x %d%% %d %s\n",
+	s = fscanf(f, "%255s %d.%d %x %x %x %x %d%% %d %s\n",
 		version,
 		&tmp,
 		&tmp,

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic