From ad94bca0d273869d6358719f4dbd515a905acd26 Mon Sep 17 00:00:00 2001
From: Steven Bennetts <steve@lindenlab.com>
Date: Wed, 24 Jan 2007 20:21:23 +0000
Subject: merge -r 56696:57082 Branch_1-13-2

---
 indra/llmessage/llcachename.cpp | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

(limited to 'indra/llmessage')

diff --git a/indra/llmessage/llcachename.cpp b/indra/llmessage/llcachename.cpp
index e5bc3814f6..2232e8642b 100644
--- a/indra/llmessage/llcachename.cpp
+++ b/indra/llmessage/llcachename.cpp
@@ -265,6 +265,7 @@ void LLCacheName::importFile(FILE* fp)
 	const S32 BUFFER_SIZE = 1024;
 	char buffer[BUFFER_SIZE];	/*Flawfinder: ignore*/
 
+	// *NOTE: These buffer sizes are hardcoded into sscanf() below
 	char id_string[MAX_STRING]; /*Flawfinder: ignore*/
 	char firstname[MAX_STRING]; /*Flawfinder: ignore*/
 	char lastname[MAX_STRING]; /*Flawfinder: ignore*/
@@ -274,9 +275,10 @@ void LLCacheName::importFile(FILE* fp)
 	char* valid = fgets(buffer, BUFFER_SIZE, fp);
 	if (!valid) return;
 
+	// *NOTE: This buffer size is hardcoded into sscanf() below
 	char version_string[BUFFER_SIZE]; /*Flawfinder: ignore*/
 	S32 version = 0;
-	S32 match = sscanf(buffer, "%s %d", version_string, &version); // XXXTBD
+	S32 match = sscanf(buffer, "%1023s %d", version_string, &version);
 	if (   match != 2
 		|| strcmp(version_string, "version")
 		|| version != CN_FILE_VERSION)
@@ -295,11 +297,13 @@ void LLCacheName::importFile(FILE* fp)
 		valid = fgets(buffer, BUFFER_SIZE, fp);
 		if (!valid) break;
 
-		match = sscanf(buffer, "%s %u %s %s",   // XXXTBD
-					   id_string, 
-					   &create_time,
-					   firstname, 
-					   lastname);
+		match = sscanf(
+			buffer,
+			"%254s %u %254s %254s",
+			id_string, 
+			&create_time,
+			firstname, 
+			lastname);
 		if (4 != match) continue;
 
 		LLUUID id(id_string);
-- 
cgit v1.2.3