[tor-commits] [tor/master] Replace 4 more sscanf()s with tor_sscanf()

nickm at torproject.org nickm at torproject.org
Fri Jul 1 16:57:14 UTC 2011


commit a0ae80788cc12284cd63ac678318f95e1238b257
Author: Nick Mathewson <nickm at torproject.org>
Date:   Fri Jul 1 11:26:30 2011 -0400

    Replace 4 more sscanf()s with tor_sscanf()
    
    For some inexplicable reason, Coverity departs from its usual
    standards of avoiding false positives here, and warns about all
    sscanf usage, even when the formatting strings are totally safe.
    
    Addresses CID # 447, 446.
---
 changes/cov217_scanf         |    5 +++++
 src/common/compat_libevent.c |    4 ++--
 src/or/geoip.c               |    4 ++--
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/changes/cov217_scanf b/changes/cov217_scanf
new file mode 100644
index 0000000..368bca8
--- /dev/null
+++ b/changes/cov217_scanf
@@ -0,0 +1,5 @@
+  o Code simplification and refactoring:
+    - Use tor_sscanf in place of scanf in more places through the
+      code. This makes us a little more locale-independent, and
+      should help shut up code-analysis tools that can't tell
+      a safe sscanf string from a dangerous one.
diff --git a/src/common/compat_libevent.c b/src/common/compat_libevent.c
index e0c7e3a..c338dd6 100644
--- a/src/common/compat_libevent.c
+++ b/src/common/compat_libevent.c
@@ -264,7 +264,7 @@ tor_decode_libevent_version(const char *v)
 
   /* Try the new preferred "1.4.11-stable" format.
    * Also accept "1.4.14b-stable". */
-  fields = sscanf(v, "%u.%u.%u%c%c", &major, &minor, &patchlevel, &c, &e);
+  fields = tor_sscanf(v, "%u.%u.%u%c%c", &major, &minor, &patchlevel, &c, &e);
   if (fields == 3 ||
       ((fields == 4 || fields == 5 ) && (c == '-' || c == '_')) ||
       (fields == 5 && TOR_ISALPHA(c) && (e == '-' || e == '_'))) {
@@ -272,7 +272,7 @@ tor_decode_libevent_version(const char *v)
   }
 
   /* Try the old "1.3e" format. */
-  fields = sscanf(v, "%u.%u%c%c", &major, &minor, &c, &extra);
+  fields = tor_sscanf(v, "%u.%u%c%c", &major, &minor, &c, &extra);
   if (fields == 3 && TOR_ISALPHA(c)) {
     return V_OLD(major, minor, c);
   } else if (fields == 2) {
diff --git a/src/or/geoip.c b/src/or/geoip.c
index 59490bd..62c7a5c 100644
--- a/src/or/geoip.c
+++ b/src/or/geoip.c
@@ -116,10 +116,10 @@ geoip_parse_entry(const char *line)
     ++line;
   if (*line == '#')
     return 0;
-  if (sscanf(line,"%u,%u,%2s", &low, &high, b) == 3) {
+  if (tor_sscanf(line,"%u,%u,%2s", &low, &high, b) == 3) {
     geoip_add_entry(low, high, b);
     return 0;
-  } else if (sscanf(line,"\"%u\",\"%u\",\"%2s\",", &low, &high, b) == 3) {
+  } else if (tor_sscanf(line,"\"%u\",\"%u\",\"%2s\",", &low, &high, b) == 3) {
     geoip_add_entry(low, high, b);
     return 0;
   } else {





More information about the tor-commits mailing list