NetBSD-Bugs archive
lib/50609: lib/libusbhid/usage.c: 3 * missing ranges in scanf
>Number: 50609
>Category: lib
>Synopsis: lib/libusbhid/usage.c: 3 * missing ranges in scanf
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: lib-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Jan 02 14:05:01 +0000 2016
>Originator: David Binderman
>Release: cvs dated 20160102
>Organization:
>Environment:
>Description:
1.
[lib/libusbhid/usage.c:97]: (warning) scanf without field width limits can crash with huge input data.
if (sscanf(line, " * %[^\n]", name) == 1)
but
char line[100], name[100], *p, *n;
2.
[lib/libusbhid/usage.c:99]: (warning) scanf without field width limits can crash with huge input data.
else if (sscanf(line, " 0x%x %[^\n]", &no, name) != 2 &&
3.
[lib/libusbhid/usage.c:100]: (warning) scanf without field width limits can crash with huge input data.
sscanf(line, " %d %[^\n]", &no, name) != 2)
>How-To-Repeat:
>Fix:
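
Added example, not part of the original report and not NetBSD's usage.c: the three reported sscanf patterns with the %[ conversion bounded to one less than the 100-byte name buffer quoted above. The names parse_line, NAME_WIDTH and oversized_name_len are hypothetical, and the oversized input line is constructed.

```c
#include <stdio.h>
#include <string.h>

#define NAME_WIDTH 99            /* name[100] in the report, minus the NUL */
#define STR_(x) #x
#define STR(x) STR_(x)           /* turns NAME_WIDTH into the literal "99" */

enum line_kind { LINE_BAD = 0, LINE_WILDCARD, LINE_NUMBERED };

/* Hypothetical helper: same three patterns as the report, with %[ bounded. */
static enum line_kind
parse_line(const char *line, int *no, char name[NAME_WIDTH + 1])
{
	unsigned int u;          /* %x stores through an unsigned int pointer */

	if (sscanf(line, " * %" STR(NAME_WIDTH) "[^\n]", name) == 1) {
		*no = -1;
		return LINE_WILDCARD;
	}
	if (sscanf(line, " 0x%x %" STR(NAME_WIDTH) "[^\n]", &u, name) == 2) {
		*no = (int)u;
		return LINE_NUMBERED;
	}
	if (sscanf(line, " %d %" STR(NAME_WIDTH) "[^\n]", no, name) == 2)
		return LINE_NUMBERED;
	return LINE_BAD;
}

/* Constructed input: a 300-character name, far larger than name[]. */
static size_t
oversized_name_len(void)
{
	char line[400], name[NAME_WIDTH + 1];
	int no;

	strcpy(line, "0x10 ");
	memset(line + 5, 'A', 300);
	line[305] = '\0';
	if (parse_line(line, &no, name) != LINE_NUMBERED || no != 0x10)
		return 0;
	return strlen(name);     /* the width stops the copy at NAME_WIDTH */
}

int
main(void)
{
	printf("stored %zu of 300 name bytes\n", oversized_name_len());
	return 0;
}
```

Deriving the width from the same macro that sizes the buffer keeps the two from drifting apart if the buffer is later resized.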