...
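```c
#include <stdio.h>
#include <string.h>

/* fp is an open FILE * supplied by the surrounding code. */
char buf[BUFSIZ + 1];
char *p;

if (fgets(buf, sizeof(buf), fp)) {
  /* Search for the newline instead of assuming buf is nonempty. */
  p = strchr(buf, '\n');
  if (p) {
    *p = '\0';
  }
}
else {
  /* handle error condition */
}
```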
Risk Assessment
Assuming character data has been read can result in out-of-bounds memory writes.
| Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| FIO37-C | 3 2 (highmedium) | 1 (unlikely) | 2 (medium) | P6 P4 | L3 |
Examples of vulnerabilities resulting from the violation of this rule can be found on the CERT website.
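The out-of-bounds write described in the risk assessment, shown as an added example that is not part of the CERT page. It assumes the unchecked idiom is `buf[strlen(buf) - 1] = '\0'`; the helper names (`open_sample`, `naive_index`, `safe_trim`) and the sample bytes are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed input: the first byte of the line is NUL, so fgets()
 * succeeds yet leaves an empty C string in the buffer. */
static const char nul_line[] = { '\0', 'A', 'B', '\n' };

/* Hypothetical helper: a temporary file holding len bytes of data. */
static FILE *open_sample(const char *data, size_t len) {
    FILE *fp = tmpfile();
    if (fp != NULL && fwrite(data, 1, len, fp) != len) {
        fclose(fp);
        return NULL;
    }
    if (fp != NULL) rewind(fp);
    return fp;
}

/* Computes the index that buf[strlen(buf) - 1] = '\0' would write to.
 * The index is only reported, never used as a subscript.
 * Returns 0 on success, -1 if the sample could not be read. */
int naive_index(const char *data, size_t len, size_t *idx) {
    char buf[BUFSIZ + 1];
    FILE *fp = open_sample(data, len);
    if (fp == NULL) return -1;
    char *ok = fgets(buf, sizeof(buf), fp);
    fclose(fp);
    if (ok == NULL) return -1;
    *idx = strlen(buf) - 1;  /* wraps to SIZE_MAX when strlen(buf) == 0 */
    return 0;
}

/* strchr()-based trim, as in the code above.
 * Returns 1 if a newline was removed, 0 if none was found, -1 on error. */
int safe_trim(const char *data, size_t len, char *out, size_t outsz) {
    FILE *fp = open_sample(data, len);
    if (fp == NULL) return -1;
    char *ok = fgets(out, (int)outsz, fp);
    fclose(fp);
    if (ok == NULL) return -1;
    char *p = strchr(out, '\n');
    if (p == NULL) return 0;
    *p = '\0';
    return 1;
}
```

With the NUL-led line, `fgets()` reports success, the naive index wraps around to the largest `size_t` value, and the `strchr()` version leaves the buffer untouched.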
...