Site Navigation

Date:      Wed, 5 Dec 2018 13:28:46 +0000 (UTC)
From:      Slava Shwartsman <slavash@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r341541 - head/contrib/ofed/opensm/opensm
Message-ID:  <201812051328.wB5DSklg070750@repo.freebsd.org>

---

next in thread | raw e-mail | index | archive | help

---

Author: slavash
Date: Wed Dec  5 13:28:46 2018
New Revision: 341541
URL: https://svnweb.freebsd.org/changeset/base/341541

Log:
  opensm: Use precision specifier for scanf
  
  If user input a string larger than the length of buffer, the stack
  memory will be corrupted.
  
  Approved by:    hselasky (mentor)
  MFC after:      1 week
  Sponsored by:   Mellanox Technologies

Modified:
  head/contrib/ofed/opensm/opensm/main.c

Modified: head/contrib/ofed/opensm/opensm/main.c
==============================================================================
--- head/contrib/ofed/opensm/opensm/main.c	Wed Dec  5 13:28:17 2018	(r341540)
+++ head/contrib/ofed/opensm/opensm/main.c	Wed Dec  5 13:28:46 2018	(r341541)
@@ -492,7 +492,7 @@ static ib_net64_t get_port_guid(IN osm_opensm_t * p_os
 		fflush(stdout);
 		if (scanf("%u", &choice) <= 0) {
 			char junk[128];
-			if (scanf("%s", junk) <= 0)
+			if (scanf("%127s", junk) <= 0)
 				printf("\nError: Cannot scan!\n");
 		} else if (choice == 0)
 			return 0;

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201812051328.wB5DSklg070750>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact