sscanf safety.

Don't scanf unlimited strings: set a limit of 255 chars.

diff --git a/pmap_set.c b/pmap_set.c
index 697735af2f60f3971c780a47c91deecd5c67c1e8..c59a11d2d78f492ea614e6ce167381d711cb358b 100644 (file)
--- a/pmap_set.c
+++ b/pmap_set.c
@@ -48,9 +48,9 @@ static int
 parse_line(char *buf, u_long *prog, u_long *vers,
           int *prot, unsigned *port)
 {
-    char    proto_name[BUFSIZ];
+    char    proto_name[256];
 
-    if (sscanf(buf, "%lu %lu %s %u", prog, vers, proto_name, port) != 4) {
+    if (sscanf(buf, "%lu %lu %255s %u", prog, vers, proto_name, port) != 4) {
        return (0);
     }
     if (strcmp(proto_name, "tcp") == 0) {