[opensm] Use precision specifier for scanf

Commit Message

Honggang LI Oct. 12, 2018, 11:54 a.m. UTC

From: Honggang Li <honli@redhat.com>

If user input a string larger than the length of buffer, the stack memory
will be corrupted.

Signed-off-by: Honggang Li <honli@redhat.com>
---
 opensm/main.c     | 2 +-
 osmtest/osmtest.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Comments

Hal Rosenstock Oct. 12, 2018, 12:36 p.m. UTC | #1

On 10/12/2018 7:54 AM, Honggang LI wrote:
> From: Honggang Li <honli@redhat.com>
> 
> If user input a string larger than the length of buffer, the stack memory
> will be corrupted.
> 
> Signed-off-by: Honggang Li <honli@redhat.com>

Thanks. Applied.

-- Hal

Patch

diff --git a/opensm/main.c b/opensm/main.c
index 2d23fe2b..8def799c 100644
--- a/opensm/main.c
+++ b/opensm/main.c
@@ -499,7 +499,7 @@  static ib_net64_t get_port_guid(IN osm_opensm_t * p_osm, uint64_t port_guid)
 		fflush(stdout);
 		if (scanf("%u", &choice) <= 0) {
 			char junk[128];
-			if (scanf("%s", junk) <= 0)
+			if (scanf("%127s", junk) <= 0)
 				printf("\nError: Cannot scan!\n");
 		} else if (choice == 0)
 			return 0;
diff --git a/osmtest/osmtest.c b/osmtest/osmtest.c
index 281b247a..fa2e0704 100644
--- a/osmtest/osmtest.c
+++ b/osmtest/osmtest.c
@@ -7352,7 +7352,7 @@  osmtest_get_user_port(IN osmtest_t * const p_osmt,
 		fflush(stdout);
 		if (scanf("%u", &choice) <= 0) {
 			char junk[256];
-			if (scanf("%s", junk) <= 0)
+			if (scanf("%255s", junk) <= 0)
 				printf("\nError: Cannot scan!\n");
 		} else if (choice && choice <= num_ports)
 			break;