luke
/
magic
mirror of https://github.com/RTimothyEdwards/magic.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

gcr/gcrDebug.c Add a field width specifier to this "%s" placeholder. 

Unbounded local buffer used in fscanf() string extraction call.
Add width to specified to ensure truncation as 24 character instead
of buffer overflow.

SonarCloud https://sonarcloud.io/project/issues?open=AZJB17OzNGfDNup0Rj9x&id=dlmiles_magic
This commit is contained in:
Darryl L. Miles 2024-09-29 23:00:00 +01:00 committed by Tim Edwards
parent 29ee094074
commit a0aea2aa2e
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
gcr/gcrDebug.c
View File

@ -195,7 +195,7 @@ gcrMakeChannel(ch, fp)
* p and P mean poly is blocked. Upper case means vacate the
* column, lower case means vacate the track.
*/
if (fscanf(fp, "%s", s) != 1)
if (fscanf(fp, "%24s", s) != 1)
{
TxError("Format error in router input file\n");
return (FALSE);