[PATCH 2/2] lib: fwts_battery: add field width limit for sscanf

Sun Sep 14 22:45:27 UTC 2014

From: Colin Ian King <colin.king at canonical.com>

Adding a field width limit to avoid buffer overflow

Signed-off-by: Colin Ian King <colin.king at canonical.com>
---
 src/lib/src/fwts_battery.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/lib/src/fwts_battery.c b/src/lib/src/fwts_battery.c
index cbba109..8a84998 100644
--- a/src/lib/src/fwts_battery.c
+++ b/src/lib/src/fwts_battery.c
@@ -156,7 +156,7 @@ static int fwts_battery_get_capacity_proc_fs(fwts_framework *fw,
 				while (fgets(buffer, sizeof(buffer)-1, fp) != NULL) {
 					if (strstr(buffer, field) &&
 					    strlen(buffer) > 25) {
-						sscanf(buffer+25, "%d %s", &val, units);
+						sscanf(buffer+25, "%d %63s", &val, units);
 						if (strncmp(units, "mAh",3) == 0) {
 							*capacity_mAh += val;
 							(*count)++;
-- 
2.1.0


