Fix one-byte buffer overflow: NUL gets written to the buffer, but isn't

counted in the width specification in scanf. This is not a security problem, since this function is only used to parse a user's configuration file. Submitted by: Joerg Sonnenberger Obtained from: dragonflybsd MFC after: 1 week
2008-04-15 23:29:51 +00:00 · 2008-04-15 23:29:51 +00:00 · fc2841a92f
commit fc2841a92f
parent 688e303c19
1 changed files with 1 additions and 1 deletions
--- a/lib/libfetch/common.c
+++ b/lib/libfetch/common.c
@ -655,7 +655,7 @@ fetch_read_word(FILE *f)
 {
 	static char word[1024];

-	if (fscanf(f, " %1024s ", word) != 1)
+	if (fscanf(f, " %1023s ", word) != 1)
 		return (NULL);
 	return (word);
 }