diff options
| author | tilghman <tilghman@f38db490-d61c-443f-a65b-d21fe96a405b> | 2009-08-10 19:30:55 +0000 |
|---|---|---|
| committer | tilghman <tilghman@f38db490-d61c-443f-a65b-d21fe96a405b> | 2009-08-10 19:30:55 +0000 |
| commit | 0a58b6f090e35416038b228aba00cad23499770d (patch) | |
| tree | b3527de796ac80b2f4fcdb132f2d270c8f1b05cc /cdr | |
| parent | f53a0bbe56fc4b41f96aad790f8de69f544d7b8f (diff) | |
AST-2009-005
git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.6.1@211569 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'cdr')
| -rw-r--r-- | cdr/cdr_adaptive_odbc.c | 20 | ||||
| -rw-r--r-- | cdr/cdr_pgsql.c | 6 |
2 files changed, 13 insertions, 13 deletions
diff --git a/cdr/cdr_adaptive_odbc.c b/cdr/cdr_adaptive_odbc.c index 12c150a39..c58babea3 100644 --- a/cdr/cdr_adaptive_odbc.c +++ b/cdr/cdr_adaptive_odbc.c @@ -419,7 +419,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_TYPE_DATE: { int year = 0, month = 0, day = 0; - if (sscanf(colptr, "%d-%d-%d", &year, &month, &day) != 3 || year <= 0 || + if (sscanf(colptr, "%4d-%2d-%2d", &year, &month, &day) != 3 || year <= 0 || month <= 0 || month > 12 || day < 0 || day > 31 || ((month == 4 || month == 6 || month == 9 || month == 11) && day == 31) || (month == 2 && year % 400 == 0 && day > 29) || @@ -441,7 +441,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_TYPE_TIME: { int hour = 0, minute = 0, second = 0; - int count = sscanf(colptr, "%d:%d:%d", &hour, &minute, &second); + int count = sscanf(colptr, "%2d:%2d:%2d", &hour, &minute, &second); if ((count != 2 && count != 3) || hour < 0 || hour > 23 || minute < 0 || minute > 59 || second < 0 || second > 59) { ast_log(LOG_WARNING, "CDR variable %s is not a valid time ('%s').\n", entry->name, colptr); @@ -457,7 +457,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_TIMESTAMP: { int year = 0, month = 0, day = 0, hour = 0, minute = 0, second = 0; - int count = sscanf(colptr, "%d-%d-%d %d:%d:%d", &year, &month, &day, &hour, &minute, &second); + int count = sscanf(colptr, "%4d-%2d-%2d %2d:%2d:%2d", &year, &month, &day, &hour, &minute, &second); if ((count != 3 && count != 5 && count != 6) || year <= 0 || month <= 0 || month > 12 || day < 0 || day > 31 || @@ -482,7 +482,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_INTEGER: { int integer = 0; - if (sscanf(colptr, "%d", &integer) != 1) { + if (sscanf(colptr, "%30d", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); break; } @@ -495,7 +495,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_BIGINT: { long long integer = 0; - if (sscanf(colptr, "%lld", &integer) != 1) { + if (sscanf(colptr, "%30lld", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); break; } @@ -508,7 +508,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_SMALLINT: { short integer = 0; - if (sscanf(colptr, "%hd", &integer) != 1) { + if (sscanf(colptr, "%30hd", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); break; } @@ -521,7 +521,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_TINYINT: { char integer = 0; - if (sscanf(colptr, "%hhd", &integer) != 1) { + if (sscanf(colptr, "%30hhd", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); break; } @@ -534,7 +534,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_BIT: { char integer = 0; - if (sscanf(colptr, "%hhd", &integer) != 1) { + if (sscanf(colptr, "%30hhd", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); break; } @@ -550,7 +550,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_DECIMAL: { double number = 0.0; - if (sscanf(colptr, "%lf", &number) != 1) { + if (sscanf(colptr, "%30lf", &number) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an numeric type.\n", entry->name); break; } @@ -565,7 +565,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_DOUBLE: { double number = 0.0; - if (sscanf(colptr, "%lf", &number) != 1) { + if (sscanf(colptr, "%30lf", &number) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an numeric type.\n", entry->name); break; } diff --git a/cdr/cdr_pgsql.c b/cdr/cdr_pgsql.c index 1203e1644..decccfb58 100644 --- a/cdr/cdr_pgsql.c +++ b/cdr/cdr_pgsql.c @@ -240,7 +240,7 @@ static int pgsql_log(struct ast_cdr *cdr) ast_cdr_getvar(cdr, cur->name, &value, buf, sizeof(buf), 0, 0); if (strncmp(cur->type, "int", 3) == 0) { long long whatever; - if (value && sscanf(value, "%lld", &whatever) == 1) { + if (value && sscanf(value, "%30lld", &whatever) == 1) { LENGTHEN_BUF2(25); lensql2 += snprintf(sql2 + lensql2, sizesql2 - lensql2, "%lld", whatever); } else { @@ -249,7 +249,7 @@ static int pgsql_log(struct ast_cdr *cdr) } } else if (strncmp(cur->type, "float", 5) == 0) { long double whatever; - if (value && sscanf(value, "%Lf", &whatever) == 1) { + if (value && sscanf(value, "%30Lf", &whatever) == 1) { LENGTHEN_BUF2(50); lensql2 += snprintf(sql2 + lensql2, sizesql2 - lensql2, "%30Lf", whatever); } else { @@ -509,7 +509,7 @@ static int config_module(int reload) ast_verb(4, "Found column '%s' of type '%s'\n", fname, ftype); cur = ast_calloc(1, sizeof(*cur) + strlen(fname) + strlen(ftype) + 2); if (cur) { - sscanf(flen, "%d", &cur->len); + sscanf(flen, "%30d", &cur->len); cur->name = (char *)cur + sizeof(*cur); cur->type = (char *)cur + sizeof(*cur) + strlen(fname) + 1; strcpy(cur->name, fname); |