From 5e8c412e63d6a86aa4846efe4cceff52ca8f16d5 Mon Sep 17 00:00:00 2001 From: songweibin Date: Thu, 25 Jul 2019 19:44:08 +0800 Subject: [PATCH] common,tools: make sure the destination buffer can handle the size of the string fix klocwork issues: Width is not specified for 's' conversion specifier. This can result in an overflow of the buffer provided in argument 3 of a call to 'sscanf' Signed-off-by: songweibin --- src/common/util.cc | 2 +- src/tools/cephfs/Dumper.cc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/common/util.cc b/src/common/util.cc index 3448eb2bfa37b..9678f6076411c 100644 --- a/src/common/util.cc +++ b/src/common/util.cc @@ -249,7 +249,7 @@ void collect_sys_info(map *m, CephContext *cct) break; char key[40]; long long value; - int r = sscanf(line, "%s %lld", key, &value); + int r = sscanf(line, "%39s %lld", key, &value); if (r == 2) { if (strcmp(key, "MemTotal:") == 0) (*m)["mem_total_kb"] = boost::lexical_cast(value); diff --git a/src/tools/cephfs/Dumper.cc b/src/tools/cephfs/Dumper.cc index 11d32523f416e..6b7584978918e 100644 --- a/src/tools/cephfs/Dumper.cc +++ b/src/tools/cephfs/Dumper.cc @@ -243,7 +243,7 @@ int Dumper::undump(const char *dump_file, bool force) if (strstr(buf, "fsid")) { uuid_d fsid; char fsid_str[40]; - sscanf(strstr(buf, "fsid"), "fsid %s", fsid_str); + sscanf(strstr(buf, "fsid"), "fsid %39s", fsid_str); r = fsid.parse(fsid_str); if (!r) { derr << "Invalid fsid" << dendl; -- 2.39.5