Accueil Explorer Aide
S'inscrire Connexion
Apq
/
389-ds-base
miroir de https://github.com/389ds/389-ds-base.git
1
0
Fork 0
Fichiers Tickets 0 Wiki
Parcourir la source

Ticket #47746 - ldap/servers/slapd/back-ldbm/dblayer.c: possible minor problem with sscanf

Description: Warning in read_metadata (dblayer.c):
> sscanf(thisline,"%[a-z]%c%s",attribute,&delimiter,value);
  (warning) scanf without field width limits can crash with huge input data.
Adding the size of the buffer to the sscanf format.

Thanks to dcb for reporting the bug and fix.

Reviewed by [email protected].
Noriko Hosoi il y a 11 ans
Parent
9df74aadfa
commit
238d8fea48
1 fichiers modifiés avec 1 ajouts et 1 suppressions
Vue séparée Afficher les stats Diff
  1. 1 1
      ldap/servers/slapd/back-ldbm/dblayer.c

+ 1 - 1
ldap/servers/slapd/back-ldbm/dblayer.c
Voir le fichier 

@@ -5302,7 +5302,7 @@ static int read_metadata(struct ldbminfo *li)
 
                     nextline++;
 
                 }
 
             }
 
-            sscanf(thisline,"%[a-z]%c%s",attribute,&delimiter,value);
 
+            sscanf(thisline,"%512[a-z]%c%128s",attribute,&delimiter,value);
 
             if (0 == strcmp("cachesize",attribute)) {
 
                 priv->dblayer_previous_cachesize = strtoul(value, NULL, 10);
 
             } else if (0 == strcmp("ncache",attribute)) {