[Bug other/60548] New: [libvtv/scripts/sum-vtv-counts.c:108]: (warning) scanf without field width limit s can crash with huge input data.

public inbox for gcc-bugs@sourceware.org
help / color / mirror / Atom feed

* [Bug other/60548] New: [libvtv/scripts/sum-vtv-counts.c:108]: (warning) scanf without field width limit s can crash with huge input data.
@ 2014-03-17  8:10 dcb314 at hotmail dot com
  2014-03-17  8:18 ` [Bug other/60548] " dcb314 at hotmail dot com
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: dcb314 at hotmail dot com @ 2014-03-17  8:10 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60548

            Bug ID: 60548
           Summary: [libvtv/scripts/sum-vtv-counts.c:108]: (warning) scanf
                    without field width limit s can crash with huge input
                    data.
           Product: gcc
           Version: 4.9.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: other
          Assignee: unassigned at gcc dot gnu.org
          Reporter: dcb314 at hotmail dot com

Source code is

  while (fscanf (fp_in, "%s %d %d %d %d %d\n", fname_in,  &total,
         &verified, &regset, &regpair, &unused) != EOF)

but

  char fname_in[1024];

Maybe better code might be

  while (fscanf (fp_in, "%1024s %d %d %d %d %d\n", fname_in,  &total,
         &verified, &regset, &regpair, &unused) != EOF)


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug other/60548] [libvtv/scripts/sum-vtv-counts.c:108]: (warning) scanf without field width limit s can crash with huge input data.
  2014-03-17  8:10 [Bug other/60548] New: [libvtv/scripts/sum-vtv-counts.c:108]: (warning) scanf without field width limit s can crash with huge input data dcb314 at hotmail dot com
@ 2014-03-17  8:18 ` dcb314 at hotmail dot com
  2014-03-17  8:25 ` pinskia at gcc dot gnu.org
  2021-09-12  8:43 ` egallager at gcc dot gnu.org
  2 siblings, 0 replies; 4+ messages in thread
From: dcb314 at hotmail dot com @ 2014-03-17  8:18 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60548

David Binderman <dcb314 at hotmail dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|normal                      |minor

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug other/60548] [libvtv/scripts/sum-vtv-counts.c:108]: (warning) scanf without field width limit s can crash with huge input data.
  2014-03-17  8:10 [Bug other/60548] New: [libvtv/scripts/sum-vtv-counts.c:108]: (warning) scanf without field width limit s can crash with huge input data dcb314 at hotmail dot com
  2014-03-17  8:18 ` [Bug other/60548] " dcb314 at hotmail dot com
@ 2014-03-17  8:25 ` pinskia at gcc dot gnu.org
  2021-09-12  8:43 ` egallager at gcc dot gnu.org
  2 siblings, 0 replies; 4+ messages in thread
From: pinskia at gcc dot gnu.org @ 2014-03-17  8:25 UTC (permalink / raw)
  To: gcc-bugs

http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60548

--- Comment #1 from Andrew Pinski <pinskia at gcc dot gnu.org> ---
This file is never compiled so it is very minor.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Bug other/60548] [libvtv/scripts/sum-vtv-counts.c:108]: (warning) scanf without field width limit s can crash with huge input data.
  2014-03-17  8:10 [Bug other/60548] New: [libvtv/scripts/sum-vtv-counts.c:108]: (warning) scanf without field width limit s can crash with huge input data dcb314 at hotmail dot com
  2014-03-17  8:18 ` [Bug other/60548] " dcb314 at hotmail dot com
  2014-03-17  8:25 ` pinskia at gcc dot gnu.org
@ 2021-09-12  8:43 ` egallager at gcc dot gnu.org
  2 siblings, 0 replies; 4+ messages in thread
From: egallager at gcc dot gnu.org @ 2021-09-12  8:43 UTC (permalink / raw)
  To: gcc-bugs

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=60548

Eric Gallager <egallager at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ctice at gcc dot gnu.org,
                   |                            |egallager at gcc dot gnu.org

--- Comment #4 from Eric Gallager <egallager at gcc dot gnu.org> ---
cc-ing libvtv maintainer

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-09-12  8:43 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-03-17  8:10 [Bug other/60548] New: [libvtv/scripts/sum-vtv-counts.c:108]: (warning) scanf without field width limit s can crash with huge input data dcb314 at hotmail dot com
2014-03-17  8:18 ` [Bug other/60548] " dcb314 at hotmail dot com
2014-03-17  8:25 ` pinskia at gcc dot gnu.org
2021-09-12  8:43 ` egallager at gcc dot gnu.org

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).