From a0aea2aa2e81077612ddc05d3fb552ee5908fd15 Mon Sep 17 00:00:00 2001
From: "Darryl L. Miles"
Date: Sun, 29 Sep 2024 23:00:00 +0100
Subject: [PATCH] gcr/gcrDebug.c Add a field width specifier to this "%s" placeholder. Unbounded local buffer used in fscanf() string extraction call. Add width to specified to ensure truncation as 24 character instead of buffer overflow. SonarCloud https://sonarcloud.io/project/issues?open=AZJB17OzNGfDNup0Rj9x&id=dlmiles_magic
---
 gcr/gcrDebug.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gcr/gcrDebug.c b/gcr/gcrDebug.c
index dfb02ece..0af716b6 100644
--- a/gcr/gcrDebug.c
+++ b/gcr/gcrDebug.c
@@ -195,7 +195,7 @@ gcrMakeChannel(ch, fp)
 * p and P mean poly is blocked. Upper case means vacate the
 * column, lower case means vacate the track.
 */
- if (fscanf(fp, "%s", s) != 1)
+ if (fscanf(fp, "%24s", s) != 1)
 {
 TxError("Format error in router input file\n");
 return (FALSE);
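Review bot: The width in `fscanf(fp, "%24s", s)` is a bare literal whose safety depends on the declaration of `s`, which is outside this hunk: `%24s` stores up to 24 characters plus a terminating NUL, so the buffer has to be at least 25 bytes, and a 24-byte array would still be overrun by one. Please confirm the size and tie the two together with a comment such as `/* width = sizeof(s) - 1; %24s writes up to 24 chars plus the NUL */`. An over-long token is now split rather than rejected: the call still returns 1 and the remaining characters stay in the stream for the next read, so a malformed router input file would be parsed out of step instead of reaching the `TxError` path. gcrMakeChannel begins and ends outside the hunk, so whether later reads catch that misalignment cannot be seen from here.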