common: change fscanf to fgets 05/101005/1 accepted/tizen/3.0/common/20161201.135116 accepted/tizen/3.0/ivi/20161201.031518 accepted/tizen/3.0/mobile/20161201.031338 accepted/tizen/3.0/tv/20161201.031431 accepted/tizen/3.0/wearable/20161201.031455 submit/tizen_3.0/20161130.101437
authortaeyoung <ty317.kim@samsung.com>
Wed, 30 Nov 2016 05:29:22 +0000 (14:29 +0900)
committertaeyoung <ty317.kim@samsung.com>
Wed, 30 Nov 2016 05:29:22 +0000 (14:29 +0900)
fscanf can cause a buffer overflow.
Thus the call is replaced with fgets.

Change-Id: Icd8713effc71245bf2ee61ce5e2129c285b0a2c3
Signed-off-by: taeyoung <ty317.kim@samsung.com>
src/storage-external.c

index b5654f2..42ea2e8 100755 (executable)
@@ -359,6 +359,7 @@ int storage_ext_get_root(int storage_id, char *path, size_t len)
        FILE *fp;
        storage_ext_device *dev;
        char file_name[PATH_LEN];
+       char *tmp;
        int ret = 0;
 
        if (storage_id < 0)
@@ -377,14 +378,14 @@ int storage_ext_get_root(int storage_id, char *path, size_t len)
                        goto out;
                }
 
-               ret = fscanf(fp, "%s", path);
-               if (ret <= 0) {
+               tmp = fgets(path, len, fp);
+               fclose(fp);
+               if (!tmp) {
                        ret = -ENODEV;
                        _D("Failed to get path");
-                       fclose(fp);
                        goto out;
                }
-               fclose(fp);
+
        } else {
                dev = calloc(1, sizeof(storage_ext_device));
                if (!dev) {
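Review bot: `tmp = fgets(path, len, fp);` keeps the trailing newline that the old `fscanf(fp, "%s", path)` stopped at, so the caller's `path` can now end in `\n`, and it is no longer cut at the first whitespace. Strip the line ending after the NULL check, for example `path[strcspn(path, "\r\n")] = '\0';` (this assumes `<string.h>` is already included, which the hunk does not show). fgets takes an `int` size while `len` is a `size_t`, and a line longer than `len - 1` is truncated silently. A guard such as `if (len == 0 || len > INT_MAX)` before the read, plus treating a missing newline before EOF as an error, would stop a shortened path from being returned as valid. The body of storage_ext_get_root starts and ends outside the hunk, so it is worth confirming that callers do not depend on `ret` on the success path, which previously held fscanf's match count and now keeps its earlier value.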