Fix potential buffer overflow via fscanf
Scanner Output
--------------
Error: DC.STREAM_BUFFER (CWE-120): [#def4]
libtasn1-4.16.0/src/asn1Coding.c:75: dont_call: "fscanf" assumes an arbitrarily long string, so callers must use correct precision specifiers or never use "fscanf".
libtasn1-4.16.0/src/asn1Coding.c:75: remediation: Use correct precision specifiers or implement your own parsing.
# 73| int ret;
# 74|
# 75|-> ret = fscanf (file, "%s", varName);
# 76| if (ret == EOF)
# 77| return ASSIGNMENT_EOF;
Error: DC.STREAM_BUFFER (CWE-120): [#def5]
libtasn1-4.16.0/src/asn1Coding.c:81: dont_call: "fscanf" assumes an arbitrarily long string, so callers must use correct precision specifiers or never use "fscanf".
libtasn1-4.16.0/src/asn1Coding.c:81: remediation: Use correct precision specifiers or implement your own parsing.
# 79| varName[0] = 0;
# 80|
# 81|-> ret = fscanf (file, "%s", value);
# 82| if (ret == EOF)
# 83| return ASSIGNMENT_ERROR;
Signed-off-by: Simo Sorce <simo@redhat.com>
diff --git a/src/asn1Coding.c b/src/asn1Coding.c
index 381a1c3..9b54a75 100644
--- a/src/asn1Coding.c
+++ b/src/asn1Coding.c
@@ -72,13 +72,13 @@
int ret;
- ret = fscanf (file, "%s", varName);
+ ret = fscanf (file, "%1023s", varName);
if (ret == EOF)
return ASSIGNMENT_EOF;
if (!strcmp (varName, "''"))
varName[0] = 0;
- ret = fscanf (file, "%s", value);
+ ret = fscanf (file, "%1023s", value);
if (ret == EOF)
return ASSIGNMENT_ERROR;