[Toybox] [PATCH] mkflags: fix a sscanf buffer off-by-one.
Rob Landley
rob at landley.net
Sat Feb 22 04:10:31 PST 2020
On 2/21/20 11:10 AM, enh via Toybox wrote:
> Sadly, the compilers don't even catch this common mistake if you use
> sscanf_s(3). Luckily, ASan does.
I haven't given the build-time stuff the same level of scrutiny the runtime
stuff gets because it's not deployed on target so presumably not as exploitable.
(And because it's not building with the full toybox lib/*.c infrastructure and
is working with known fixed inputs, so there's a lot of half-assed "read into a
static buffer" and such going on, which this is an instance of.)
At least I bounds-checked it. :)
Rob
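
The class of bug named in the subject line, as an added example (not toybox's mkflags code, which this message does not quote): the width in a `%Ns` conversion counts characters stored and excludes the terminating NUL, so it must be one less than the buffer size. `struct field`, `read_name` and `NAME_MAX_CHARS` are hypothetical names, and the input string is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed layout: a sentinel byte sits directly after the buffer so a
 * caller can confirm nothing was written past the end of name[]. */
struct field {
    char name[8];
    char sentinel;
};

/* Buggy form, shown only as a comment because running it is undefined
 * behaviour: the width does not include the terminating NUL.
 *
 *     char name[8];
 *     sscanf(line, "%8s", name);   // up to 8 chars + '\0' = 9 bytes written
 */

/* Bounded form: width is sizeof(buffer) - 1, leaving room for the NUL.
 * STR() pastes the numeric macro into the format string as a literal. */
#define NAME_MAX_CHARS 7
#define STR2(x) #x
#define STR(x) STR2(x)

/* Returns 1 if a token was read into f->name, 0 otherwise. */
int read_name(const char *line, struct field *f)
{
    /* Fails the build if the buffer and the width ever drift apart. */
    _Static_assert(sizeof(f->name) == NAME_MAX_CHARS + 1,
                   "scanf width must be buffer size minus one");
    f->sentinel = 0x5a;
    return sscanf(line, "%" STR(NAME_MAX_CHARS) "s", f->name) == 1;
}

int main(void)
{
    struct field f;
    /* Constructed input, deliberately longer than the buffer. */
    if (read_name("abcdefghijklmnop", &f))
        printf("name=%s sentinel=%s\n", f.name,
               f.sentinel == 0x5a ? "intact" : "clobbered");
    return 0;
}
```
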