https://bugs.freedesktop.org/show_bug.cgi?id=105274
GitLab Migration User changed:
What|Removed |Added
Status|NEW |RESOLVED
Resolution|---
https://bugs.freedesktop.org/show_bug.cgi?id=105274
--- Comment #3 from Gert Wollny ---
The sscanf will accept the number and not check the rest of the string, yes,
but later in the code you have
char basename[256];
snprintf(basename, sizeof(basename),
"/sys/devices/system/cpu/%s
https://bugs.freedesktop.org/show_bug.cgi?id=105274
--- Comment #2 from vesim...@gmail.com ---
It is possible in both, you can create directory named "cpu0"
and it will be accepted by that sscanf.
The easiest fix for it is by using strcpy_s instead of strcpy.
--
You are receiving this mail beca
https://bugs.freedesktop.org/show_bug.cgi?id=105274
--- Comment #1 from Gert Wollny ---
cpufreq_info::sysfs_filename is a buffer of char[128] and the string fn is
of the same size and it is written to by using snprintf, indicating its size,
so unless I miss something the buffer overflow is only
https://bugs.freedesktop.org/show_bug.cgi?id=105274
vesim...@gmail.com changed:
What|Removed |Added
Summary|Buffer overflow in |Buffer overflow in
