The following commit has been merged in the master branch:
commit c6ec6410afdb21cc6f2ecdf0d36559dc8f0fc6cd
Author: Benjamin Kaduk <[email protected]>
Date: Mon Feb 9 10:38:04 2015 -0500
Avoid unsafe scanf("%s")
Reading user input into a fixed-length buffer just to check the
first character is silly and an easy buffer overrun. gcc on
Ubuntu 13.03 warns about the unchecked return value for scanf(),
but scanf("%s") is guaranteed to either succeed or get EOF/EINTR/etc..
In any case, we don't need to use scanf() at all, here -- reuse an
idiom from BSD cp(1) and loop around getchar to read the user's
response, eliminating the fixed-length buffer entirely. A separate
initial loop is needed to skip leading whitespace, which is done
implicitly by scanf().
Change-Id: Ic5ed65e80146aa3d08a4b03c213f748ef088156b
Reviewed-on: http://gerrit.openafs.org/11758
Tested-by: BuildBot <[email protected]>
Reviewed-by: Chas Williams <[email protected]>
Reviewed-by: Benjamin Kaduk <[email protected]>
Reviewed-by: Perry Ruiter <[email protected]>
Reviewed-by: Michael Meffie <[email protected]>
Reviewed-by: Jeffrey Altman <[email protected]>
src/uss/uss_vol.c | 12 +++++++++---
1 files changed, 9 insertions(+), 3 deletions(-)
--
OpenAFS Master Repository
_______________________________________________
OpenAFS-cvs mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-cvs
