From c4a3d574999143447f66408a46bac8cbc8ccb4bc Mon Sep 17 00:00:00 2001 From: Gregory Hainaut Date: Mon, 21 Sep 2015 17:53:04 +0200 Subject: [PATCH] gsdx: protect fscanf string read Coverity: CID 146816 (#1 of 1): Calling risky function (DC.STREAM_BUFFER) dont_call: fscanf(FILE *, char const *, ...) assumes an arbitrarily large string, so callers must use correct precision specifiers or never use fscanf(FILE *, char const *, ...) --- plugins/GSdx/GSdx.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/plugins/GSdx/GSdx.cpp b/plugins/GSdx/GSdx.cpp index c744aeff51..9930984570 100644 --- a/plugins/GSdx/GSdx.cpp +++ b/plugins/GSdx/GSdx.cpp @@ -243,13 +243,13 @@ void GSdxApp::BuildConfigurationMap(const char* lpFileName) m_configuration_map["inifile"] = inifile_value; // Load config from file - char value[255]; - char key[255]; + char value[256]; + char key[256]; FILE* f = fopen(lpFileName, "r"); if (f == NULL) return; // FIXME print a nice message - while( fscanf(f, "%s = %s\n", key, value) != EOF ) { + while( fscanf(f, "%255s = %255s\n", key, value) != EOF ) { std::string key_s(key); std::string value_s(value); m_configuration_map[key_s] = value_s;