From 01b63fcca2908fe72c0577205bc731b3f0d9a849 Mon Sep 17 00:00:00 2001
From: Boris Egorov
Date: Tue, 19 Jan 2016 11:45:15 +0600
Subject: readprofile: add scanf field width limits [cppcheck]

[sys-utils/readprofile.c:301]: (warning) scanf without field width limits can crash with huge input data.
[sys-utils/readprofile.c:322]: (warning) scanf without field width limits can crash with huge input data.
---
 sys-utils/readprofile.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'sys-utils/readprofile.c')

diff --git a/sys-utils/readprofile.c b/sys-utils/readprofile.c
index 3ba866e24..39a24deda 100644
--- a/sys-utils/readprofile.c
+++ b/sys-utils/readprofile.c
@@ -298,7 +298,7 @@ int main(int argc, char **argv)
 		err(EXIT_FAILURE, "%s", mapFile);
 
 	while (fgets(mapline, S_LEN, map)) {
-		if (sscanf(mapline, "%llx %s %s", &fn_add, mode, fn_name) != 3)
+		if (sscanf(mapline, "%llx %7[^\n ] %127[^\n ]", &fn_add, mode, fn_name) != 3)
 			errx(EXIT_FAILURE, _("%s(%i): wrong map line"), mapFile,
 			     maplineno);
 		/* only elf works like this */
@@ -319,7 +319,7 @@ int main(int argc, char **argv)
 		unsigned int this = 0;
 		int done = 0;
 
-		if (sscanf(mapline, "%llx %s %s", &next_add, mode, next_name) != 3)
+		if (sscanf(mapline, "%llx %7[^\n ] %127[^\n ]", &next_add, mode, next_name) != 3)
 			errx(EXIT_FAILURE, _("%s(%i): wrong map line"), mapFile,
 			     maplineno);
 		header_printed = 0;
-- 
cgit v1.2.3-55-g7522