#47746 ldap/servers/slapd/back-ldbm/dblayer.c: possible minor problem with sscanf
Closed: wontfix None Opened 10 years ago by dcb.

[ldap/servers/slapd/back-ldbm/dblayer.c:5294]: (warning) scanf without field width limits can crash with huge input data.

Source code is

sscanf(thisline,"%[a-z]%c%s",attribute,&delimiter,value);

but

char value[128], delimiter;

Maybe

sscanf(thisline,"%[a-z]%c%128s",attribute,&delimiter,value);

would be better code.


Description: Warning in read_metadata (dblayer.c):

sscanf(thisline,"%[a-z]%c%s",attribute,&delimiter,value);
(warning) scanf without field width limits can crash with huge input data.
Adding the size of the buffer to the sscanf format.

Thanks to dcb for reporting the bug and fix.

Reviewed by nhosoi.

Pushed to master:
9df74aa..238d8fe master -> master
commit 238d8fe

Metadata Update from @nhosoi:
- Issue set to the milestone: 1.3.3 - 8/14 (August)

7 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/1078

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: Fixed)

3 years ago

Login to comment on this ticket.

Metadata