]> asedeno.scripts.mit.edu Git - PuTTY.git/blobdiff - pscp.c
projects / PuTTY.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix vulnerability CVE-2016-2563 in old scp protocol.
[PuTTY.git] / pscp.c
diff --git a/pscp.c b/pscp.c
index 3e41454d3d4e02c5028f1cab7a83a1c951a31184..dc9e1f5018f0e40515308ede348ce8906301cb92 100644 (file)
--- a/pscp.c
+++ b/pscp.c
@@ -1528,7 +1528,7 @@ int scp_get_sink_action(struct scp_sink_action *act)
        {
            char sizestr[40];
        
-           if (sscanf(act->buf, "%lo %s %n", &act->permissions,
+            if (sscanf(act->buf, "%lo %39s %n", &act->permissions,
                        sizestr, &i) != 2)
                bump("Protocol error: Illegal file descriptor format");
            act->size = uint64_from_decimal(sizestr);
local copy of git://git.tartarus.org/simon/putty.git