Changeset 1213 for cpp


Ignore:
Timestamp:
04/07/23 18:39:27 (20 months ago)
Author:
Maciej Komosinski
Message:

Fixed buffer overflow - the [...] pattern in scanf() always stores the trailing \0 in addition to the characters matched

File:
1 edited

Legend:

Unmodified
Added
Removed
  • cpp/frams/genetics/f4/f4_general.cpp

    r1108 r1213  
    11// This file is a part of Framsticks SDK.  http://www.framsticks.com/
    2 // Copyright (C) 1999-2020  Maciej Komosinski and Szymon Ulatowski.
     2// Copyright (C) 1999-2023  Maciej Komosinski and Szymon Ulatowski.
    33// See LICENSE.txt for details.
    44
     
    13551355{
    13561356        int i, j, res, t;
    1357         char tc1, tc2, tc3; // tc3 is only to ensure that neuron parameter definition is completed
     1357        char tc1, tc2, tc3[2]; // tc3 is only to ensure that neuron parameter definition is completed
    13581358        int relfrom;
    13591359        double w;
     
    14851485                        }
    14861486                        // if there is a colon determining neuron parameter, then let the switch case colon handle this
    1487                         else if (sscanf(genot + gpos + 1, ":%c%c%[:]", &tc1, &tc2, &tc3) == 3)
     1487                        else if (sscanf(genot + gpos + 1, ":%c%c%1[:]", &tc1, &tc2, &tc3) == 3)
    14881488                        {
    14891489                                node1 = new f4_node(genot[gpos], par, gpos);
     
    15061506                {
    15071507                        // neuron parameter  +! -! += -= +/ or -/
    1508                         if (sscanf(genot + gpos, ":%c%c%[:]", &tc1, &tc2, &tc3) != 3)
     1508                        if (sscanf(genot + gpos, ":%c%c%1[:]", &tc1, &tc2, &tc3) != 3)
    15091509                                // error: incorrect format
    15101510                                return gpos + 1 + 1;
Note: See TracChangeset for help on using the changeset viewer.