...
However, if the last character in buf is not a newline, this code overwrites an otherwise-valid character.
Compliant Solution
This compliant solution uses strchr() to replace the newline character in the string only if it exists.
```c
/* Requires <stdio.h> and <string.h>; fp is a FILE * already open for reading. */
char buf[BUFSIZ + 1];
char *p;

if (fgets(buf, sizeof(buf), fp)) {
  /* Replace the newline only if fgets() actually stored one. */
  p = strchr(buf, '\n');
  if (p) {
    *p = '\0';
  }
}
else {
  /* handle error condition */
}
```
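As an added example (not part of the original page), the program below contrasts the strchr() strip with an unconditional last-character strip. That unconditional form is an assumption, since the page's noncompliant code is not shown here, and `strip_last_char`, `strip_newline`, `read_first_line` and the inputs are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumed noncompliant form: always drops the last character. */
static void strip_last_char(char *buf) {
  size_t len = strlen(buf);
  if (len > 0) {            /* guard so the demo never indexes buf[-1] */
    buf[len - 1] = '\0';
  }
}

/* Compliant form from the page: only a newline found by strchr() is replaced. */
static void strip_newline(char *buf) {
  char *p = strchr(buf, '\n');
  if (p) {
    *p = '\0';
  }
}

/* Writes text to a temporary file, reads the first line back with fgets(),
   applies strip, and copies the result to out. Returns 0 on success. */
static int read_first_line(const char *text, void (*strip)(char *),
                           char *out, size_t outsz) {
  char buf[BUFSIZ + 1];
  FILE *fp = tmpfile();
  if (fp == NULL) return -1;
  if (fputs(text, fp) == EOF) { fclose(fp); return -1; }
  rewind(fp);
  if (fgets(buf, sizeof(buf), fp) == NULL) { fclose(fp); return -1; }
  fclose(fp);
  strip(buf);
  snprintf(out, outsz, "%s", buf);
  return 0;
}

int main(void) {
  char out[64];
  /* Constructed inputs: a newline-terminated line and a final line without one. */
  const char *inputs[] = { "alice\n", "alice" };
  for (int i = 0; i < 2; i++) {
    if (read_first_line(inputs[i], strip_last_char, out, sizeof(out)) == 0)
      printf("last-char strip: \"%s\"\n", out);
    if (read_first_line(inputs[i], strip_newline, out, sizeof(out)) == 0)
      printf("strchr strip:    \"%s\"\n", out);
  }
  return 0;
}
```

The same loss occurs when a line is longer than the buffer, because fgets() then returns a full buffer with no newline in it.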
Risk Assessment
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| EXP01-A | 1 (low) | 1 (unlikely) | 3 (low) | P3 | P3 |
...