Home Esplora Aiuto
Registrati Accedi
Apq
/
389-ds-base
mirror da https://github.com/389ds/389-ds-base.git
1
0
Forka 0
File Problemi 0 Wiki
Sfoglia il codice sorgente

Ticket #47746 - ldap/servers/slapd/back-ldbm/dblayer.c: possible minor problem with sscanf

Description: Warning in read_metadata (dblayer.c):
> sscanf(thisline,"%[a-z]%c%s",attribute,&delimiter,value);
  (warning) scanf without field width limits can crash with huge input data.
Adding the size of the buffer to the sscanf format.

Thanks to dcb for reporting the bug and fix.

Reviewed by [email protected].
Noriko Hosoi 11 anni fa
parent
9df74aadfa
commit
238d8fea48
1 ha cambiato i file con 1 aggiunte e 1 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 1 1
      ldap/servers/slapd/back-ldbm/dblayer.c

+ 1 - 1
ldap/servers/slapd/back-ldbm/dblayer.c
Vedi File 

@@ -5302,7 +5302,7 @@ static int read_metadata(struct ldbminfo *li)
 
                     nextline++;
 
                 }
 
             }
 
-            sscanf(thisline,"%[a-z]%c%s",attribute,&delimiter,value);
 
+            sscanf(thisline,"%512[a-z]%c%128s",attribute,&delimiter,value);
 
             if (0 == strcmp("cachesize",attribute)) {
 
                 priv->dblayer_previous_cachesize = strtoul(value, NULL, 10);
 
             } else if (0 == strcmp("ncache",attribute)) {