facebook / fboss

Facebook Open Switching System Software for controlling network switches.

no limitation for "%s" while calling fscanf() #90

Open QiAnXinCodeSafe opened 4 years ago

QiAnXinCodeSafe commented 4 years ago

https://github.com/facebook/fboss/blob/8865126044e7a6647c2ba7b0aa0c2d974edeb1eb/fboss/util/nic_util.cpp#L494

iris577 commented 3 years ago

@bdd

slogan621 commented 3 years ago

Not only that, but sprintf on the line before would be more secure as snprintf, and strcat on the line after would be more secure as strncat.
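An added example for the three calls raised in this issue, not code from fboss: a width-limited `fscanf("%s")` that rejects over-long tokens, `snprintf` with a truncation check, and `strncat` bounded by the remaining space. The function names, the 15-character limit and the sample input are assumptions made for the illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define TOKEN_MAX 15            /* characters stored, NUL excluded (assumed limit) */
#define STR2(x) #x
#define STR(x) STR2(x)

/* Read one whitespace-delimited token into buf (TOKEN_MAX + 1 bytes).
 * Returns 0 on success, -1 on EOF, -2 if the token exceeded TOKEN_MAX. */
int read_token(FILE *fp, char *buf) {
    /* Expands to "%15s": at most 15 chars are stored, then the NUL. */
    if (fscanf(fp, "%" STR(TOKEN_MAX) "s", buf) != 1)
        return -1;
    int c = fgetc(fp);
    if (c == EOF || isspace(c))
        return 0;
    /* The token continued past the width: drain the rest and reject it,
     * so the tail is not misread as the next token. */
    while ((c = fgetc(fp)) != EOF && !isspace(c))
        ;
    return -2;
}

/* Write prefix + token + suffix into out; returns 0, or -1 if it does not fit. */
int build_string(char *out, size_t outsz, const char *prefix,
                 const char *token, const char *suffix) {
    int n = snprintf(out, outsz, "%s%s", prefix, token);
    if (n < 0 || (size_t)n >= outsz)
        return -1;                        /* snprintf had to truncate */
    size_t room = outsz - (size_t)n - 1;  /* bytes left, NUL excluded */
    if (strlen(suffix) > room)
        return -1;                        /* strncat would cut it silently */
    strncat(out, suffix, room);           /* bound is remaining room, not outsz */
    return 0;
}

int main(void) {
    FILE *fp = tmpfile();                 /* constructed sample input */
    if (!fp) return 1;
    fputs("eth0 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA eth1\n", fp);
    rewind(fp);
    char tok[TOKEN_MAX + 1], out[32];
    int rc;
    while ((rc = read_token(fp, tok)) != -1) {
        if (rc == 0 && build_string(out, sizeof out, "dev=", tok, ".cfg") == 0)
            puts(out);
        else
            puts("rejected: token too long");
    }
    fclose(fp);
    return 0;
}
```

The width in `%15s` counts stored characters only, so the destination must be one byte larger; likewise the third argument of `strncat` is the space remaining after the existing string, minus the terminator.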