Closed dcb314 closed 2 years ago
Hi @dcb314 ! Thanks for raising this - quite a while ago :-) I recently took over as the maintainer of this project and I'll try to get it in shape again. Do you think you can share how you ended up with these errors? If I can reproduce it, I might be able to fix it. Thanks a lot!
I found the bugs by using the cppcheck static analyser.
Code is wrong merely by inspection, I wouldn't bother trying to reproduce it.
@dcb314 - thanks for the clarification. I can confirm the cppcheck
complains:
cppcheck src/arp-ioctl.c
Checking src/arp-ioctl.c ...
Checking src/arp-ioctl.c: HAVE_ARPREQ_ARP_DEV...
Checking src/arp-ioctl.c: HAVE_LINUX_PROCFS...
src/arp-ioctl.c:221:7: error: Width 100 given in format string (no. 4) is larger than destination buffer 'macbuf[100]', use %99s to prevent overflowing it. [invalidScanfFormatWidth]
i = sscanf(buf, "%s 0x%x 0x%x %100s %100s %100s\n",
^
src/arp-ioctl.c:221:7: error: Width 100 given in format string (no. 5) is larger than destination buffer 'maskbuf[100]', use %99s to prevent overflowing it. [invalidScanfFormatWidth]
i = sscanf(buf, "%s 0x%x 0x%x %100s %100s %100s\n",
^
src/arp-ioctl.c:221:7: error: Width 100 given in format string (no. 6) is larger than destination buffer 'devbuf[100]', use %99s to prevent overflowing it. [invalidScanfFormatWidth]
i = sscanf(buf, "%s 0x%x 0x%x %100s %100s %100s\n",
^
Checking src/arp-ioctl.c: HAVE_NET_RADIX_H;_AIX...
Checking src/arp-ioctl.c: HAVE_STREAMS_MIB2...
Checking src/arp-ioctl.c: HAVE_STREAMS_ROUTE...
Checking src/arp-ioctl.c: HAVE_SYS_MIB_H...
Checking src/arp-ioctl.c: __linux__...
Checking src/arp-ioctl.c: hpux...
I believe even gcc complains about these during compilation and I need to address that.
Should be fixed by commit 661c72866a6522009612accc5403d7527bf9052c .
Then shouldn't this issue be closed?
Agree, this should be fixed and therefore this issue can be closed. I wanted to have someone confirming it; I take your comment as confirmation :-)
[arp-ioctl.c:221]: (error) Width 100 given in format string (no. 4) is larger than destination buffer 'macbuf[100]', use %99s to prevent overflowing it. [arp-ioctl.c:221]: (error) Width 100 given in format string (no. 5) is larger than destination buffer 'maskbuf[100]', use %99s to prevent overflowing it. [arp-ioctl.c:221]: (error) Width 100 given in format string (no. 6) is larger than destination buffer 'devbuf[100]', use %99s to prevent overflowing it. [route-linux.c:223]: (error) Width 16 given in format string (no. 1) is larger than destination buffer 'ifbuf[16]', use %15s to prevent overflowing it.