From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from [140.186.70.92] (port=45962 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1PgOsN-00087e-Og for qemu-devel@nongnu.org; Fri, 21 Jan 2011 16:50:36 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1PgOsM-0006OH-5n for qemu-devel@nongnu.org; Fri, 21 Jan 2011 16:50:35 -0500 Received: from moutng.kundenserver.de ([212.227.126.171]:56250) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1PgOsL-0006MF-Pn for qemu-devel@nongnu.org; Fri, 21 Jan 2011 16:50:34 -0500 From: Stefan Weil Date: Fri, 21 Jan 2011 22:50:30 +0100 Message-Id: <1295646630-31217-1-git-send-email-weil@mail.berlios.de> Subject: [Qemu-devel] [PATCH 2/3] check-qdict: Fix possible crash List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: QEMU Developers This warning is reported by cppcheck: check-qdict.c:270: warning: scanf without field width limits can crash with huge input data Fix it by limiting the field widths to 127 (both key and value take 127 characters + a terminating '\0' byte). Signed-off-by: Stefan Weil --- check-qdict.c | 3 ++- 1 files changed, 2 insertions(+), 1 deletions(-) diff --git a/check-qdict.c b/check-qdict.c index 6afce5a..ecc7fd7 100644 --- a/check-qdict.c +++ b/check-qdict.c @@ -267,8 +267,9 @@ static QString *read_line(FILE *file, char *key) { char value[128]; - if (fscanf(file, "%s%s", key, value) == EOF) + if (fscanf(file, "%127s%127s", key, value) == EOF) { return NULL; + } remove_dots(key); return qstring_from_str(value); } -- 1.7.2.3