[ldap/servers/slapd/back-ldbm/dblayer.c:5294]: (warning) scanf without field width limits can crash with huge input data.
Source code is
sscanf(thisline,"%[a-z]%c%s",attribute,&delimiter,value);
but
char value[128], delimiter;
Maybe
sscanf(thisline,"%[a-z]%c%128s",attribute,&delimiter,value);
would be better code.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1077884
git patch file (master) 0001-Ticket-47746-ldap-servers-slapd-back-ldbm-dblayer.c-.patch
Description: Warning in read_metadata (dblayer.c):
sscanf(thisline,"%[a-z]%c%s",attribute,&delimiter,value); (warning) scanf without field width limits can crash with huge input data. Adding the size of the buffer to the sscanf format.
Thanks to dcb for reporting the bug and fix.
Reviewed by nhosoi.
Pushed to master: 9df74aa..238d8fe master -> master commit 238d8fe
Metadata Update from @nhosoi: - Issue set to the milestone: 1.3.3 - 8/14 (August)
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/1078
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.