[server] Enforce proper bounds checking on digest cache file import

Bug fix to ensure that proper bounds are enforced when importing digest
cache files from previous fwknopd executions. This bug
was discovered through fuzzing with American Fuzzy Lop (AFL) as driven
by the test/afl/fuzzing-wrappers/server-digest-cache.sh wrapper.
Previous to this fix, fwknopd could be made to crash through a malicious
digest cache file (normally in /var/run/fwknop/digest.cache) upon
initial import.

ChangeLog

@@ -1,3 +1,12 @@
+fwknop-2.6.5 (11//2014):
+    - [server] Bug fix to ensure that proper bounds are enforced when
+      importing digest cache files from previous fwknopd executions. This bug
+      was discovered through fuzzing with American Fuzzy Lop (AFL) as driven
+      by the test/afl/fuzzing-wrappers/server-digest-cache.sh wrapper.
+      Previous to this fix, fwknopd could be made to crash through a malicious
+      digest cache file (normally in /var/run/fwknop/digest.cache) upon
+      initial import.
+
 fwknop-2.6.4 (11/16/2014):
     - [server] Added a UDP server mode so that SPA packets can be acquired via
       UDP directly without having to use libpcap. This is an optional feature

server/replay_cache.c

@@ -306,12 +306,12 @@ replay_file_cache_init(fko_srv_options_t *opts)
         src_ip[0] = '\0';
         dst_ip[0] = '\0';
 
-        if(sscanf(line_buf, "%s %hhu %s %hu %s %hu %ld",
-            digest_elm->cache_info.digest,
+        if(sscanf(line_buf, "%64s %hhu %16s %hu %16s %hu %ld",
+            digest_elm->cache_info.digest,  /* %64s, buffer size is MAX_DIGEST_SIZE+1 */
             &(digest_elm->cache_info.proto),
-            src_ip,
+            src_ip,  /* %16s, buffer size is INET_ADDRSTRLEN+1 */
             &(digest_elm->cache_info.src_port),
-            dst_ip,
+            dst_ip,  /* %16s, buffer size is INET_ADDRSTRLEN+1 */
             &(digest_elm->cache_info.dst_port),
             &time_tmp) != 7)
         {