From 9e6af4f0e29d7e183f7a623ff4ca9033c6bb9f9a Mon Sep 17 00:00:00 2001
From: Frank Winklmeier <frank.winklmeier@cern.ch>
Date: Thu, 15 Dec 2022 11:25:48 +0100
Subject: [PATCH] RegionSelector: cppcheck fix (invalidscanf)

Limit the maximum number of characters consumed in `sscanf` to avoid
potential buffer overflow.
---
 .../RegionSelector/src/RegSelectorHashMap.cxx                | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/DetectorDescription/RegionSelector/src/RegSelectorHashMap.cxx b/DetectorDescription/RegionSelector/src/RegSelectorHashMap.cxx
index 3be8aabb3ec0..07078c0ab6e4 100755
--- a/DetectorDescription/RegionSelector/src/RegSelectorHashMap.cxx
+++ b/DetectorDescription/RegionSelector/src/RegSelectorHashMap.cxx
@@ -1,5 +1,5 @@
 /*
-  Copyright (C) 2002-2020 CERN for the benefit of the ATLAS collaboration
+  Copyright (C) 2002-2022 CERN for the benefit of the ATLAS collaboration
 */
 
 #include "RegionSelector/RegSelectorHashMap.h"
@@ -560,7 +560,8 @@ StatusCode RegSelectorHashMap::read(const char *filename){
     do{
       robId.clear();
       pch = strchr(buffer,' ');
-      int test = sscanf(pch, " %u %d %d %lf %lf %lf %lf %s %s",  &hashId, &layer, &samp, &emin, &emax, &pmin, &pmax, robIdStr, robIdStr2);
+      int test = sscanf(pch, " %u %d %d %lf %lf %lf %lf %11s %11s",  // max 11 chars + null-byte
+                        &hashId, &layer, &samp, &emin, &emax, &pmin, &pmax, robIdStr, robIdStr2);
       robId.push_back(strtol(robIdStr,nullptr,16));
       if ( test == 9 ) // this means that there are 2 ROBs in 1 TT
         robId.push_back(strtol(robIdStr2,nullptr,16));
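Review bot: The first `robId.push_back(strtol(robIdStr,nullptr,16));` still runs whatever `sscanf` returned, so on a short or malformed line it converts a `robIdStr` that was not written on this iteration (stale from the previous line, or uninitialised on the first); only the second push is gated by `test == 9`. I would gate the first one as well, e.g. `if (test >= 8) robId.push_back(strtol(robIdStr,nullptr,16));`, and decide explicitly what a line with fewer fields should do. `pch` is also passed to `sscanf` unchecked, and `strchr` returns a null pointer when `buffer` contains no space, so an `if (pch == nullptr)` guard is needed before the call. The `%11s` widths are only correct if `robIdStr` and `robIdStr2` hold at least 12 bytes; their declarations are outside this hunk, so if they are arrays a `static_assert(sizeof(robIdStr) >= 12 && sizeof(robIdStr2) >= 12);` next to them would keep the width and the buffer size in sync. The do-loop body starts and continues outside the hunk, so the handling of a rejected line has to fit what follows.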
-- 
GitLab