From: David Kalnischkies <kalnischkies@gmail.com>
Date: Sun, 4 Mar 2012 23:25:32 +0000 (+0100)
Subject: set char-limits for the scanf parsing previous crash-reports
X-Git-Tag: 0.9.0~13^2~6
X-Git-Url: https://git.saurik.com/apt.git/commitdiff_plain/b3c36c6e2f0c78797d1398e3176aac6a48b36295?ds=sidebyside

set char-limits for the scanf parsing previous crash-reports
---

diff --git a/apt-pkg/deb/dpkgpm.cc b/apt-pkg/deb/dpkgpm.cc
index 469132634..c46a81209 100644
--- a/apt-pkg/deb/dpkgpm.cc
+++ b/apt-pkg/deb/dpkgpm.cc
@@ -1542,7 +1542,7 @@ void pkgDPkgPM::WriteApportReport(const char *pkgpath, const char *errormsg)
 	 if(strstr(strbuf,"Package:") == strbuf)
 	 {
 	    char pkgname[255], version[255];
-	    if(sscanf(strbuf, "Package: %s %s", pkgname, version) == 2)
+	    if(sscanf(strbuf, "Package: %254s %254s", pkgname, version) == 2)
 	       if(strcmp(pkgver.c_str(), version) == 0)
 	       {
 		  fclose(report);