Sadly, the compilers don't even catch this common mistake if you use
sscanf_s(3). Luckily, ASan does.
---
scripts/mkflags.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
From b98c4da07a4c4d0392be7eb8bb0be0279abdb7c4 Mon Sep 17 00:00:00 2001
From: Elliott Hughes <[email protected]>
Date: Fri, 21 Feb 2020 09:09:29 -0800
Subject: [PATCH] mkflags: fix a sscanf buffer off-by-one.
Sadly, the compilers don't even catch this common mistake if you use
sscanf_s(3). Luckily, ASan does.
---
scripts/mkflags.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/mkflags.c b/scripts/mkflags.c
index 93294884..76827e0f 100644
--- a/scripts/mkflags.c
+++ b/scripts/mkflags.c
@@ -154,7 +154,7 @@ void octane(char *from)
int main(int argc, char *argv[])
{
- char command[256], flags[1023], allflags[1024];
+ char command[256], flags[1024], allflags[1024];
char *out, *outbuf = malloc(1024*1024);
// Yes, the output buffer is 1 megabyte with no bounds checking.
--
2.25.0.265.gbab2e86ba0-goog
_______________________________________________
Toybox mailing list
[email protected]
http://lists.landley.net/listinfo.cgi/toybox-landley.net
