...
```c
struct {
  char c;
  float f;
} myData;
if (fscanf(fd, "%c %f\n", &myData.c, &myData.f) != 2) {
  /* Handle error */
}
```
Risk Assessment
TODO
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
References
...