From: Neil Brown
Date: Fri, 20 Apr 2007 02:42:20 +0000 (+1000)
Subject: sscanf safety.
X-Git-Tag: portmap_6.0~20
X-Git-Url: http://git.neil.brown.name/?a=commitdiff_plain;h=34ad9512bb42922fb4c857072263d3fe682fa3de;p=portmap.git
sscanf safety. Don't scanf unlimited strings: set a limit of 255 chars.
---
diff --git a/pmap_set.c b/pmap_set.c
index 697735a..c59a11d 100644
--- a/pmap_set.c
+++ b/pmap_set.c
@@ -48,9 +48,9 @@ static int parse_line(char *buf, u_long *prog, u_long *vers, int *prot, unsigned *port) {
- char proto_name[BUFSIZ];
+ char proto_name[256];
- if (sscanf(buf, "%lu %lu %s %u", prog, vers, proto_name, port) != 4) {
+ if (sscanf(buf, "%lu %lu %255s %u", prog, vers, proto_name, port) != 4) {
 return (0);
 }
 if (strcmp(proto_name, "tcp") == 0) {
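Review bot: The array size `256` and the `%255s` width in the sscanf format are kept in step only by hand, so a later edit to one without the other brings the overflow back. A comment on the declaration would record the coupling, for example `char proto_name[256]; /* width in %255s below must stay sizeof - 1 */`. Separately, the `%lu` and `%u` conversions on the same line still take their values straight from the input, and sscanf gives no defined result for a number that does not fit the target type, so an out-of-range program, version or port value passes the `!= 4` test. Whether later code range-checks `*port` is not visible, because parse_line's body continues outside the hunk.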