Fix Buffer Overflow Error in vtkWrapPythonInit.c
This is a fix for the release branch.
In vtkWrapPythonInit.c, fscanf is used to read a user-supplied string into a fixed-length buffer. There is no restriction on the length of the string, which may lead to a buffer overflow error.
This commit limits the number of characters copied into the buffer. This is achieved by changing the format string of fscanf from %s to %249s.
The buffer overflow error can be reproduced as follows. In a terminal, run
./vtkWrapPythonInit-9.0 input_file init_file impl_file
where input_file contains a single line of over 300 characters.
Backport: release
Edited by David Gobbi
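
The width-limited read described above, as an added example that is not part of the merge request or of VTK's code. It assumes a 250-byte buffer (249 characters plus the terminating NUL); `read_token` and `make_sample` are hypothetical names. It also shows what the width limit alone leaves open: the excess of an overlong token stays in the stream and would be read as the next token unless the caller detects and discards it.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define TOKEN_BUF 250            /* assumed buffer size: 249 chars + NUL */

/* Read one whitespace-delimited token into buf (TOKEN_BUF bytes).
 * Returns 1 on success, 0 on EOF, -1 if the token was longer than
 * 249 characters (the excess is discarded so it is not misread as
 * the next token). */
static int read_token(FILE *fp, char *buf)
{
    int c;
    if (fscanf(fp, "%249s", buf) != 1)   /* never writes past buf[249] */
        return 0;
    if (strlen(buf) < TOKEN_BUF - 1)
        return 1;
    /* Buffer is full: a non-space next character means truncation. */
    c = getc(fp);
    if (c == EOF) return 1;
    if (isspace(c)) { ungetc(c, fp); return 1; }
    while ((c = getc(fp)) != EOF && !isspace(c))
        ;                                /* drop the rest of the token */
    return -1;
}

/* Constructed input: one 300-character token, then "short". */
static FILE *make_sample(void)
{
    FILE *fp = tmpfile();
    int i;
    if (!fp) return NULL;
    for (i = 0; i < 300; i++) putc('A', fp);
    fputs(" short\n", fp);
    rewind(fp);
    return fp;
}

int main(void)
{
    char buf[TOKEN_BUF];
    FILE *fp = make_sample();
    int r;
    if (!fp) return 1;
    while ((r = read_token(fp, buf)) != 0)
        printf("%s len=%zu\n", r < 0 ? "overlong" : "ok", strlen(buf));
    fclose(fp);
    return 0;
}
```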