From 516f1dcab0b4cb47de4a9136bc321680ee73e05c Mon Sep 17 00:00:00 2001
From: taeyoung
Date: Wed, 30 Nov 2016 14:29:22 +0900
Subject: [PATCH] common: change fscanf to fgets

fscanf can occur buffer overflow issue. Thus the function is changed to fgets.

Change-Id: Icd8713effc71245bf2ee61ce5e2129c285b0a2c3
Signed-off-by: taeyoung
---
 src/storage-external.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/storage-external.c b/src/storage-external.c
index b5654f2..42ea2e8 100755
--- a/src/storage-external.c
+++ b/src/storage-external.c
@@ -359,6 +359,7 @@ int storage_ext_get_root(int storage_id, char *path, size_t len)
 FILE *fp;
 storage_ext_device *dev;
 char file_name[PATH_LEN];
+ char *tmp;
 int ret = 0;

 if (storage_id < 0)
@@ -377,14 +378,14 @@ int storage_ext_get_root(int storage_id, char *path, size_t len)
 goto out;
 }

- ret = fscanf(fp, "%s", path);
- if (ret <= 0) {
+ tmp = fgets(path, len, fp);
+ fclose(fp);
+ if (!tmp) {
 ret = -ENODEV;
 _D("Failed to get path");
- fclose(fp);
 goto out;
 }
- fclose(fp);
+
 } else {
 dev = calloc(1, sizeof(storage_ext_device));
 if (!dev) {
--
2.7.4
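Review bot: In the second hunk, `fgets(path, len, fp)` keeps the line's trailing newline and any embedded spaces, where `fscanf(fp, "%s", path)` stopped at the first whitespace. `path` can therefore come back ending in `\n`, which callers that open or compare the path will not expect. Strip it after the `if (!tmp)` check, for example `path[strcspn(path, "\n")] = '\0';` (this needs `<string.h>`, and the file's include block is not visible here). Separately, `len` is a `size_t` but fgets takes an `int`, so a value above `INT_MAX` is narrowed in an implementation-defined way and `len == 0` gives fgets no room for the terminator; add `if (len == 0 || len > INT_MAX) return -EINVAL;` before the call. The start and end of storage_ext_get_root lie outside the hunk, so an existing check of `len` there would make that guard unnecessary.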