From: Boris Egorov <egorov@linux.com>
Date: Tue, 19 Jan 2016 05:45:15 +0000 (+0600)
Subject: readprofile: add scanf field width limits [cppcheck]
X-Git-Tag: v2.28-rc1~188
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=01b63fcca2908fe72c0577205bc731b3f0d9a849;p=thirdparty%2Futil-linux.git

readprofile: add scanf field width limits [cppcheck]

[sys-utils/readprofile.c:301]: (warning) scanf without field width limits can crash with huge input data.
[sys-utils/readprofile.c:322]: (warning) scanf without field width limits can crash with huge input data.
---

diff --git a/sys-utils/readprofile.c b/sys-utils/readprofile.c
index 3ba866e24e..39a24deda3 100644
--- a/sys-utils/readprofile.c
+++ b/sys-utils/readprofile.c
@@ -298,7 +298,7 @@ int main(int argc, char **argv)
 		err(EXIT_FAILURE, "%s", mapFile);
 
 	while (fgets(mapline, S_LEN, map)) {
-		if (sscanf(mapline, "%llx %s %s", &fn_add, mode, fn_name) != 3)
+		if (sscanf(mapline, "%llx %7[^\n ] %127[^\n ]", &fn_add, mode, fn_name) != 3)
 			errx(EXIT_FAILURE, _("%s(%i): wrong map line"), mapFile,
 			     maplineno);
 		/* only elf works like this */
@@ -319,7 +319,7 @@ int main(int argc, char **argv)
 		unsigned int this = 0;
 		int done = 0;
 
-		if (sscanf(mapline, "%llx %s %s", &next_add, mode, next_name) != 3)
+		if (sscanf(mapline, "%llx %7[^\n ] %127[^\n ]", &next_add, mode, next_name) != 3)
 			errx(EXIT_FAILURE, _("%s(%i): wrong map line"), mapFile,
 			     maplineno);
 		header_printed = 0;