Fix unbounded write of sscanf

Format string "%s" that does not control the length of data written may overflow.
stlink-org · Apr 22, 2023 · 0a5cad7 · 0a5cad7
1 parent 8de2b4d
commit 0a5cad7
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/stlink-lib/chipid.c b/src/stlink-lib/chipid.c
@@ -64,7 +64,7 @@ void process_chipfile(char *fname) {
         (strncmp(buf, " ", strlen(" ")) == 0))
       continue; // ignore empty lines
 
-    sscanf(buf, "%s %s", word, value);
+    sscanf(buf, "%63s %63s", word, value);
 
     if (strcmp(word, "dev_type") == 0) {
       buf[strlen(buf) - 1] = 0; // chomp newline