The scanf() family's %s operation, without a limit specification, permits buffer overflows. Buffer overflow is one of the most common class of vulnerabilities.
LABEL: Bug
SEVERITY: Major
SOLUTION: Specify a limit to %s, or use a different input function.
COMMON WEAKNESS ENUMERATION INDEX: CWE-120, CWE-20
The scanf() family's %s operation, without a limit specification, permits buffer overflows. Buffer overflow is one of the most common class of vulnerabilities.
LABEL: Bug SEVERITY: Major SOLUTION: Specify a limit to %s, or use a different input function. COMMON WEAKNESS ENUMERATION INDEX: CWE-120, CWE-20
Instances found in the GitHub repository: