Date: Wed, 12 Dec 2018 11:39:10 +0000 (UTC) From: Hans Petter Selasky <hselasky@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r341897 - stable/11/contrib/ofed/opensm/opensm Message-ID: <201812121139.wBCBdAVR052142@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: hselasky Date: Wed Dec 12 11:39:09 2018 New Revision: 341897 URL: https://svnweb.freebsd.org/changeset/base/341897 Log: MFC r341541: opensm: Use precision specifier for scanf If user input a string larger than the length of buffer, the stack memory will be corrupted. Sponsored by: Mellanox Technologies Modified: stable/11/contrib/ofed/opensm/opensm/main.c Directory Properties: stable/11/ (props changed) Modified: stable/11/contrib/ofed/opensm/opensm/main.c ============================================================================== --- stable/11/contrib/ofed/opensm/opensm/main.c Wed Dec 12 11:39:00 2018 (r341896) +++ stable/11/contrib/ofed/opensm/opensm/main.c Wed Dec 12 11:39:09 2018 (r341897) @@ -492,7 +492,7 @@ static ib_net64_t get_port_guid(IN osm_opensm_t * p_os fflush(stdout); if (scanf("%u", &choice) <= 0) { char junk[128]; - if (scanf("%s", junk) <= 0) + if (scanf("%127s", junk) <= 0) printf("\nError: Cannot scan!\n"); } else if (choice == 0) return 0;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201812121139.wBCBdAVR052142>