[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-commits
Subject: Re: kdeutils/klaptopdaemon [POSSIBLY UNSAFE]
From: George Staikos <staikos () kde ! org>
Date: 2002-12-06 16:04:22
[Download RAW message or body]
On Friday 06 December 2002 10:12, Lubos Lunak wrote:
> CVS commit by lunakl:
>
> Max size limit for scanf(). Not that I expect this to overflow, but %s
> in scanf() without a size limit is simply baaaaad.
> f = fopen("/proc/apm", "r");
> if (f == NULL)
> return(1);
> - s = fscanf(f, "%s %d.%d %x %x %x %x %d%% %d %s\n",
> + s = fscanf(f, "%255s %d.%d %x %x %x %x %d%% %d %s\n",
Hehehehe if your /proc filesystem is untrusted..... Good to fix anyways
though.
--
George Staikos
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic