From 34ad9512bb42922fb4c857072263d3fe682fa3de Mon Sep 17 00:00:00 2001 From: Neil Brown Date: Fri, 20 Apr 2007 12:42:20 +1000 Subject: [PATCH] sscanf safety. Don't scanf unlimited strings: set a limit of 255 chars. --- pmap_set.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pmap_set.c b/pmap_set.c index 697735a..c59a11d 100644 --- a/pmap_set.c +++ b/pmap_set.c @@ -48,9 +48,9 @@ static int parse_line(char *buf, u_long *prog, u_long *vers, int *prot, unsigned *port) { - char proto_name[BUFSIZ]; + char proto_name[256]; - if (sscanf(buf, "%lu %lu %s %u", prog, vers, proto_name, port) != 4) { + if (sscanf(buf, "%lu %lu %255s %u", prog, vers, proto_name, port) != 4) { return (0); } if (strcmp(proto_name, "tcp") == 0) { -- 2.39.5