Re: sscanf (pc,"%lu",&uidvalidity) (Re: [2005-03-22] CVS repository changes)
On Wed, 23 Mar 2005, Brendan Cully wrote:
> On Wednesday, 23 March 2005 at 18:45, Tamotsu Takahashi wrote:
> > On Wed, Mar 23, 2005 at 01:13:19AM -0800, Brendan Cully wrote:
> > > On Tuesday, 22 March 2005 at 14:04, Tamotsu Takahashi wrote:
> > > > BTW, What about checking the return value of sscanf?
> > > > (as Yonetani-san said.)
> > > >
> > > > if (sscanf (pc, "%lu", &(idata->uid_validity)) != 1)
> > > > goto fail;
> > >
> > > probably a good idea in theory, but next thing you know we're
> > > checking the return value of malloc calls.
> >
> > Aha, Okay. I don't object to you the IMAP code author. :)
(snip)
> sorry, that was a little late night joke. sscanf should be checked,
> I'm just not looking forward to going through all the code.
Don't mind, you don't have to feel sorry.
Well, I did a rough search and found a few unchecked scanf's.
An untested patch is attached.
--
tamo
--- ../mutt-1.5.9/pop.c 2005-02-04 03:47:53.000000000 +0900
+++ pop.c 2005-04-01 08:10:05.000000000 +0900
@@ -67,7 +67,12 @@
ret = pop_query (pop_data, buf, sizeof (buf));
if (ret == 0)
{
- sscanf (buf, "+OK %d %ld", &index, &length);
+ if (sscanf (buf, "+OK %d %ld", &index, &length) != 2)
+ {
+ mutt_error (_("unknown error"));
+ ret = -2;
+ goto finish;
+ }
snprintf (buf, sizeof (buf), "TOP %d 0\r\n", h->refno);
ret = pop_fetch_data (pop_data, buf, NULL, fetch_message, f);
@@ -119,6 +124,7 @@
}
}
+finish:
fclose (f);
unlink (tempfile);
return ret;
@@ -131,7 +137,8 @@
CONTEXT *ctx = (CONTEXT *)data;
POP_DATA *pop_data = (POP_DATA *)ctx->data;
- sscanf (line, "%d %s", &index, line);
+ if (sscanf (line, "%d %s", &index, line) != 2)
+ return -2;
for (i = 0; i < ctx->msgcount; i++)
if (!mutt_strcmp (line, ctx->hdrs[i]->data))
break;
@@ -592,7 +599,11 @@
goto finish;
}
- sscanf (buffer, "+OK %d %d", &msgs, &bytes);
+ if (sscanf (buffer, "+OK %d %d", &msgs, &bytes) != 2)
+ {
+ mutt_error (_("unknown error"));
+ goto finish;
+ }
/* only get unread messages */
if (msgs > 0 && option (OPTPOPLAST))
@@ -602,7 +613,11 @@
if (ret == -1)
goto fail;
if (ret == 0)
- sscanf (buffer, "+OK %d", &last);
+ if (sscanf (buffer, "+OK %d", &last) != 1)
+ {
+ mutt_error (_("unknown error"));
+ goto finish;
+ }
}
if (msgs <= last)
--- ../mutt-1.5.9/pop_lib.c 2005-02-04 03:47:53.000000000 +0900
+++ pop_lib.c 2005-04-01 08:16:07.000000000 +0900
@@ -355,7 +355,12 @@
return ret;
}
- sscanf (buf, "+OK %u %u", &n, &size);
+ if (sscanf (buf, "+OK %u %u", &n, &size) != 2)
+ {
+ mutt_error (_("unknown error"));
+ mutt_sleep (1);
+ return -2;
+ }
pop_data->size = size;
return 0;
@@ -510,7 +515,8 @@
unsigned int index;
CONTEXT *ctx = (CONTEXT *)data;
- sscanf (line, "%u %s", &index, line);
+ if (sscanf (line, "%u %s", &index, line) != 2)
+ return -2;
for (i = 0; i < ctx->msgcount; i++)
{
if (!mutt_strcmp (ctx->hdrs[i]->data, line))