...
| Code Block | ||
|---|---|---|
| ||
struct myData {
char c;
float f;
};
/* ... */
FILE *file;
struct myData data;
/* initialize file */
if (fscanf(file, "%c %f\n", &data.c, &data.f) != 2) {
/* handle error */
}
|
Please note that this solution violates INT05-C. Do not use input functions to convert character data if they cannot handle all possible inputs since an attacker could potentially supply an input file with an unrepresentable floating point number, leading to undefined behavior.
Risk Assessment
Reading binary data that has a different format than expected may result in unintended program behavior.
...