On Friday 06 December 2002 10:12, Lubos Lunak wrote:
> CVS commit by lunakl:
>
> Max size limit for scanf(). Not that I expect this to overflow, but %s
> in scanf() without a size limit is simply baaaaad.
>  	f = fopen("/proc/apm", "r");
>  	if (f == NULL)
>  		return(1);
> -	s = fscanf(f, "%s %d.%d %x %x %x %x %d%% %d %s\n",
> +	s = fscanf(f, "%255s %d.%d %x %x %x %x %d%% %d %s\n",

  Hehehehe if your /proc filesystem is untrusted.....   Good to fix anyways 
though.

-- 

George Staikos