OpenAFS Master Repository branch, master, updated. openafs-devel-1_5_76-4627-gc6ec641
Gerrit Code Review
gerrit@openafs.org
Fri, 12 Jun 2015 09:43:26 -0400
The following commit has been merged in the master branch:
commit c6ec6410afdb21cc6f2ecdf0d36559dc8f0fc6cd
Author: Benjamin Kaduk <kaduk@mit.edu>
Date: Mon Feb 9 10:38:04 2015 -0500
Avoid unsafe scanf("%s")
Reading user input into a fixed-length buffer just to check the
first character is silly and an easy buffer overrun. gcc on
Ubuntu 13.03 warns about the unchecked return value for scanf(),
but scanf("%s") is guaranteed to either succeed or get EOF/EINTR/etc..
In any case, we don't need to use scanf() at all, here -- reuse an
idiom from BSD cp(1) and loop around getchar to read the user's
response, eliminating the fixed-length buffer entirely. A separate
initial loop is needed to skip leading whitespace, which is done
implicitly by scanf().
Change-Id: Ic5ed65e80146aa3d08a4b03c213f748ef088156b
Reviewed-on: http://gerrit.openafs.org/11758
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Chas Williams <3chas3@gmail.com>
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Reviewed-by: Perry Ruiter <pruiter@sinenomine.net>
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
src/uss/uss_vol.c | 12 +++++++++---
1 files changed, 9 insertions(+), 3 deletions(-)
--
OpenAFS Master Repository