From kde-commits Fri Dec 06 16:04:22 2002 From: George Staikos Date: Fri, 06 Dec 2002 16:04:22 +0000 To: kde-commits Subject: Re: kdeutils/klaptopdaemon [POSSIBLY UNSAFE] X-MARC-Message: https://marc.info/?l=kde-commits&m=103919076316182 On Friday 06 December 2002 10:12, Lubos Lunak wrote: > CVS commit by lunakl: > > Max size limit for scanf(). Not that I expect this to overflow, but %s > in scanf() without a size limit is simply baaaaad. > f = fopen("/proc/apm", "r"); > if (f == NULL) > return(1); > - s = fscanf(f, "%s %d.%d %x %x %x %x %d%% %d %s\n", > + s = fscanf(f, "%255s %d.%d %x %x %x %x %d%% %d %s\n", Hehehehe if your /proc filesystem is untrusted..... Good to fix anyways though. -- George Staikos
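Review bot: the trailing `%s` at the end of the new format string is still unbounded, so the `+` line limits only the first string conversion; the last `%s` needs a width too, sized to its own destination buffer. Note also that `%255s` stores up to 255 characters plus a terminating NUL, so the first destination buffer must be at least 256 bytes. Neither buffer's declaration is visible in this hunk, so both sizes should be confirmed before this is considered complete.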