Note the possible buffer overflow in window_title

git-svn-id: https://svn.code.sf.net/p/freeglut/code/trunk@198 7f0cb862-5218-0410-a997-914c9d46530a
puggles 2003-09-21 13:47:36 +00:00
parent 71fbfebd41
commit 4e7cf2f8da
2 changed files with 11 additions and 1 deletions


@ -206,7 +206,12 @@ void readConfigFile ( char *fnme )
/* Read the window title */ /* Read the window title */
fgets ( inputline, 256, fptr ) ; fgets ( inputline, 256, fptr ) ;
sscanf ( inputline, "%[a-zA-Z0-9!@#$%^&*()+=/\\_-\" ]", window_title ) ; /* We assume here that this line will not exceed 79 characters plus a
newline (window_title is 80 characters long). That'll cause a buffer
overflow. For a simple program like this, though, we're letting it
slide!
*/
sscanf ( inputline, "%[a-zA-Z0-9!@#$%^&*()+=/\\_-\" ]", window_title ) ;
/* Read a comment line */ /* Read a comment line */
fgets ( inputline, 256, fptr ) ; fgets ( inputline, 256, fptr ) ;
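Review bot: The `sscanf` into `window_title` at the end of the added lines is still unbounded: `fgets` accepts up to 255 characters into `inputline`, while the added comment says `window_title` holds 80, so a long title line in the config file writes past the buffer. A field width fixes this instead of documenting it: `sscanf ( inputline, "%79[a-zA-Z0-9!@#$%^&*()+=/\\_-\" ]", window_title ) ;`. The added comment could then shrink to something like `/* window_title is 80 bytes; the %79 width keeps the scan inside it */`. The second file section (hunk at -188,6) carries the same line and needs the same change. readConfigFile begins and ends outside the hunk, and neither the `fgets` nor the `sscanf` result is checked in the visible lines.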


@ -188,6 +188,11 @@ void readConfigFile ( char *fnme )
/* Read the window title */ /* Read the window title */
fgets ( inputline, 256, fptr ) ; fgets ( inputline, 256, fptr ) ;
/* We assume here that this line will not exceed 79 characters plus a
newline (window_title is 80 characters long). That'll cause a buffer
overflow. For a simple program like this, though, we're letting it
slide!
*/
sscanf ( inputline, "%[a-zA-Z0-9!@#$%^&*()+=/\\_-\" ]", window_title ) ; sscanf ( inputline, "%[a-zA-Z0-9!@#$%^&*()+=/\\_-\" ]", window_title ) ;
/* Read a comment line */ /* Read a comment line */