During refactoring, a review from Copilot didn't like the implementation of uuid_from_dmi_entries: uuid_from_dmi_entries() uses sprintf() into a PATH_MAX buffer (potential overflow) and reads into buf without guaranteeing NUL-termination before calling sscanf(). If read() fills the buffer completely, sscanf() may read past the buffer looking for a terminator.
#3486 (comment)