mirror of https://github.com/TREX-CoE/trexio.git synced 2025-01-03 10:06:01 +01:00

Fix potential buffer overflows in text back end

q-posev 2022-07-08 12:26:23 +02:00
parent 1bc4fe44e3
commit 3cd7cac8f1


@ -420,13 +420,14 @@ trexio_text_read_$group$ (trexio_text_t* const file)
/* conventional fcanf with "%s" only return the string before the first space character
* to read string with spaces use "%[^\n]" possible with space before or after, i.e. " %[^\n]"
*/
rc = fscanf(f, " %1023[^\n]", tmp_$group_dset$);
rc = fscanf(f, " %1023[^\n]", buffer);
if (rc != 1) {
trexio_text_free_read_$group$(buffer, f, file, $group$);
return NULL;
}
size_t tmp_$group_dset$_len = strlen($group$->$group_dset$[i]);
size_t tmp_$group_dset$_len = strlen(buffer);
strncpy(tmp_$group_dset$, buffer, tmp_$group_dset$_len + 1);
tmp_$group_dset$ += tmp_$group_dset$_len + 1;
}
}
@ -484,14 +485,15 @@ trexio_text_read_$group$ (trexio_text_t* const file)
return NULL;
}
rc = fscanf(f, " %1023[^\n]", $group$->$group_str$);
rc = fscanf(f, " %1023[^\n]", buffer);
if (rc != 1) {
trexio_text_free_read_$group$(buffer, f, file, $group$);
return NULL;
}
/* Safer string conversion to avoid buffer overflow in fscanf */
strncpy($group$->$group_str$, buffer, $group$->len_$group_str$);
}
// END REPEAT GROUP_ATTR_STR
} else {
continue;
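Review bot: The new `strncpy($group$->$group_str$, buffer, $group$->len_$group_str$)` in the second hunk leaves the destination without a terminating NUL whenever the line read from the file is `len_$group_str$` characters or longer, so a later `strlen` or `%s` on that attribute can read past the allocation. Assuming the destination holds `len_$group_str$` bytes and that length is non-zero (the allocation is outside the hunk), either reject the oversized value or copy one byte less and terminate explicitly: `strncpy($group$->$group_str$, buffer, $group$->len_$group_str$ - 1); $group$->$group_str$[$group$->len_$group_str$ - 1] = '\0';`. In the first hunk the bound passed to `strncpy` is `tmp_$group_dset$_len + 1`, which is computed from `strlen(buffer)`, so the call behaves like `strcpy`. The write through `tmp_$group_dset$` is therefore still not checked against the space remaining in the destination array, and a comparison against that remaining capacity before the copy would close the gap. The body of `trexio_text_read_$group$` starts and ends outside both hunks.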