From: Michal Sojka <sojkam1@fel.cvut.cz>
Date: Wed, 13 Apr 2016 14:24:02 +0000 (+0200)
Subject: lout: Fix buffer overflow
X-Git-Url: http://rtime.felk.cvut.cz/gitweb/pes-rpp/rpp-test-sw.git/commitdiff_plain/87d5ebb679ee9244cd105cd746981e8ca067d614

lout: Fix buffer overflow
---

diff --git a/rpp-test-sw/commands/cmd_lout.c b/rpp-test-sw/commands/cmd_lout.c
index c884b04..b03dd8d 100644
--- a/rpp-test-sw/commands/cmd_lout.c
+++ b/rpp-test-sw/commands/cmd_lout.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2012-2013 Czech Technical University in Prague
+ * Copyright (C) 2012-2013, 2016 Czech Technical University in Prague
  *
  * Created on: 28.2.2013
  *
@@ -39,11 +39,11 @@ int cmd_do_lout_set(cmd_io_t *cmd_io, const struct cmd_des *des, char *param[])
 {
 	int pin;
 	char *p = param[1];
-	char spareParams;
+	char spareParams[2];
 	int val;
 	int ret;
 
-	if (sscanf(p, "%d %d %1s", &pin, &val, &spareParams) != 2)
+	if (sscanf(p, "%d %d %1s", &pin, &val, spareParams) != 2)
 		return -CMDERR_BADPAR;
 	ret = rpp_lout_set(pin, val);
 	if (ret == -1) {
@@ -71,10 +71,10 @@ int cmd_do_lout_diag(cmd_io_t *cmd_io, const struct cmd_des *des, char *param[])
 {
 	int pin;
 	char *p = param[1];
-	char spareParams;
+	char spareParams[2];
 	int ret;
 
-	if (sscanf(p, "%d %1s", &pin, &spareParams) != 1)
+	if (sscanf(p, "%d %1s", &pin, spareParams) != 1)
 		return -CMDERR_BADPAR;
 
 	if (rpp_lout_update() == FAILURE) {