diff options
Diffstat (limited to 'apps')
-rw-r--r-- | apps/app_adsiprog.c | 6 | ||||
-rw-r--r-- | apps/app_alarmreceiver.c | 2 | ||||
-rw-r--r-- | apps/app_chanspy.c | 4 | ||||
-rw-r--r-- | apps/app_dahdibarge.c | 6 | ||||
-rw-r--r-- | apps/app_disa.c | 4 | ||||
-rw-r--r-- | apps/app_followme.c | 4 | ||||
-rw-r--r-- | apps/app_macro.c | 8 | ||||
-rw-r--r-- | apps/app_meetme.c | 30 | ||||
-rw-r--r-- | apps/app_minivm.c | 8 | ||||
-rw-r--r-- | apps/app_mixmonitor.c | 6 | ||||
-rw-r--r-- | apps/app_morsecode.c | 4 | ||||
-rw-r--r-- | apps/app_originate.c | 2 | ||||
-rw-r--r-- | apps/app_osplookup.c | 34 | ||||
-rw-r--r-- | apps/app_privacy.c | 4 | ||||
-rw-r--r-- | apps/app_queue.c | 12 | ||||
-rw-r--r-- | apps/app_readfile.c | 2 | ||||
-rw-r--r-- | apps/app_record.c | 4 | ||||
-rw-r--r-- | apps/app_rpt.c | 35 | ||||
-rw-r--r-- | apps/app_setcallerid.c | 2 | ||||
-rw-r--r-- | apps/app_sms.c | 2 | ||||
-rw-r--r-- | apps/app_stack.c | 2 | ||||
-rw-r--r-- | apps/app_talkdetect.c | 8 | ||||
-rw-r--r-- | apps/app_verbose.c | 2 | ||||
-rw-r--r-- | apps/app_voicemail.c | 46 | ||||
-rw-r--r-- | apps/app_waitforring.c | 2 | ||||
-rw-r--r-- | apps/app_waitforsilence.c | 6 | ||||
-rw-r--r-- | apps/app_waituntil.c | 2 |
27 files changed, 131 insertions, 116 deletions
diff --git a/apps/app_adsiprog.c b/apps/app_adsiprog.c index 8f789c6c4..7c2581c99 100644 --- a/apps/app_adsiprog.c +++ b/apps/app_adsiprog.c @@ -201,7 +201,7 @@ static int process_token(void *out, char *src, int maxlen, int argtype) if (!(argtype & ARG_NUMBER)) return -1; /* Octal value */ - if (sscanf(src, "%o", (int *)out) != 1) + if (sscanf(src, "%30o", (int *)out) != 1) return -1; if (argtype & ARG_STRING) { /* Convert */ @@ -211,7 +211,7 @@ static int process_token(void *out, char *src, int maxlen, int argtype) if (!(argtype & ARG_NUMBER)) return -1; /* Hex value */ - if (sscanf(src + 2, "%x", (unsigned int *)out) != 1) + if (sscanf(src + 2, "%30x", (unsigned int *)out) != 1) return -1; if (argtype & ARG_STRING) { /* Convert */ @@ -221,7 +221,7 @@ static int process_token(void *out, char *src, int maxlen, int argtype) if (!(argtype & ARG_NUMBER)) return -1; /* Hex value */ - if (sscanf(src, "%d", (int *)out) != 1) + if (sscanf(src, "%30d", (int *)out) != 1) return -1; if (argtype & ARG_STRING) { /* Convert */ diff --git a/apps/app_alarmreceiver.c b/apps/app_alarmreceiver.c index 6b34dfb54..37e99be03 100644 --- a/apps/app_alarmreceiver.c +++ b/apps/app_alarmreceiver.c @@ -124,7 +124,7 @@ static void database_increment( char *key ) return; } - sscanf(value, "%u", &v); + sscanf(value, "%30u", &v); v++; ast_verb(4, "AlarmReceiver: New value for %s: %u\n", key, v); diff --git a/apps/app_chanspy.c b/apps/app_chanspy.c index b280da2d5..8ede9c83b 100644 --- a/apps/app_chanspy.c +++ b/apps/app_chanspy.c @@ -1061,7 +1061,7 @@ static int chanspy_exec(struct ast_channel *chan, void *data) if (ast_test_flag(&flags, OPTION_VOLUME) && opts[OPT_ARG_VOLUME]) { int vol; - if ((sscanf(opts[OPT_ARG_VOLUME], "%d", &vol) != 1) || (vol > 4) || (vol < -4)) + if ((sscanf(opts[OPT_ARG_VOLUME], "%30d", &vol) != 1) || (vol > 4) || (vol < -4)) ast_log(LOG_NOTICE, "Volume factor must be a number between -4 and 4\n"); else volfactor = vol; @@ -1160,7 +1160,7 @@ static int extenspy_exec(struct ast_channel *chan, void *data) if (ast_test_flag(&flags, OPTION_VOLUME) && opts[OPT_ARG_VOLUME]) { int vol; - if ((sscanf(opts[OPT_ARG_VOLUME], "%d", &vol) != 1) || (vol > 4) || (vol < -4)) + if ((sscanf(opts[OPT_ARG_VOLUME], "%30d", &vol) != 1) || (vol > 4) || (vol < -4)) ast_log(LOG_NOTICE, "Volume factor must be a number between -4 and 4\n"); else volfactor = vol; diff --git a/apps/app_dahdibarge.c b/apps/app_dahdibarge.c index cfa445acc..c41f7b685 100644 --- a/apps/app_dahdibarge.c +++ b/apps/app_dahdibarge.c @@ -267,8 +267,8 @@ static int conf_exec(struct ast_channel *chan, void *data) char confnostr[80] = ""; if (!ast_strlen_zero(data)) { - if ((sscanf(data, "DAHDI/%d", &confno) != 1) && - (sscanf(data, "%d", &confno) != 1)) { + if ((sscanf(data, "DAHDI/%30d", &confno) != 1) && + (sscanf(data, "%30d", &confno) != 1)) { ast_log(LOG_WARNING, "DAHDIBarge Argument (if specified) must be a channel number, not '%s'\n", (char *)data); return 0; } @@ -282,7 +282,7 @@ static int conf_exec(struct ast_channel *chan, void *data) confnostr[0] = '\0'; res = ast_app_getdata(chan, "conf-getchannel",confnostr, sizeof(confnostr) - 1, 0); if (res <0) goto out; - if (sscanf(confnostr, "%d", &confno) != 1) + if (sscanf(confnostr, "%30d", &confno) != 1) confno = 0; } if (confno) { diff --git a/apps/app_disa.c b/apps/app_disa.c index 691fa94ab..bc2970f43 100644 --- a/apps/app_disa.c +++ b/apps/app_disa.c @@ -250,7 +250,7 @@ static int disa_exec(struct ast_channel *chan, void *data) if (!(k&1)) { /* if in password state */ if (j == '#') { /* end of password */ /* see if this is an integer */ - if (sscanf(args.passcode,"%d",&j) < 1) { /* nope, it must be a filename */ + if (sscanf(args.passcode,"%30d",&j) < 1) { /* nope, it must be a filename */ fp = fopen(args.passcode,"r"); if (!fp) { ast_log(LOG_WARNING,"DISA password file %s not found on chan %s\n",args.passcode,chan->name); @@ -276,7 +276,7 @@ static int disa_exec(struct ast_channel *chan, void *data) ast_debug(1, "Mailbox: %s\n",args.mailbox); /* password must be in valid format (numeric) */ - if (sscanf(args.passcode,"%d", &j) < 1) + if (sscanf(args.passcode,"%30d", &j) < 1) continue; /* if we got it */ if (!strcmp(exten,args.passcode)) { diff --git a/apps/app_followme.c b/apps/app_followme.c index d27aa36d8..310dad5c6 100644 --- a/apps/app_followme.c +++ b/apps/app_followme.c @@ -333,7 +333,7 @@ static int reload_followme(int reload) featuredigittostr = ast_variable_retrieve(cfg, "general", "featuredigittimeout"); if (!ast_strlen_zero(featuredigittostr)) { - if (!sscanf(featuredigittostr, "%d", &featuredigittimeout)) + if (!sscanf(featuredigittostr, "%30d", &featuredigittimeout)) featuredigittimeout = 5000; } @@ -955,7 +955,7 @@ static struct call_followme *find_realtime(const char *name) if (!(numstr = ast_variable_retrieve(cfg, catg, "phonenumber"))) { continue; } - if (!(timeoutstr = ast_variable_retrieve(cfg, catg, "timeout")) || sscanf(timeoutstr, "%d", &timeout) != 1 || timeout < 1) { + if (!(timeoutstr = ast_variable_retrieve(cfg, catg, "timeout")) || sscanf(timeoutstr, "%30d", &timeout) != 1 || timeout < 1) { timeout = 25; } /* This one has to exist; it was part of the query */ diff --git a/apps/app_macro.c b/apps/app_macro.c index 0a489dab3..faf97a83a 100644 --- a/apps/app_macro.c +++ b/apps/app_macro.c @@ -264,12 +264,12 @@ static int _macro_exec(struct ast_channel *chan, void *data, int exclusive) /* does the user want a deeper rabbit hole? */ ast_channel_lock(chan); if ((s = pbx_builtin_getvar_helper(chan, "MACRO_RECURSION"))) { - sscanf(s, "%d", &maxdepth); + sscanf(s, "%30d", &maxdepth); } /* Count how many levels deep the rabbit hole goes */ if ((s = pbx_builtin_getvar_helper(chan, "MACRO_DEPTH"))) { - sscanf(s, "%d", &depth); + sscanf(s, "%30d", &depth); } /* Used for detecting whether to return when a Macro is called from another Macro after hangup */ @@ -277,7 +277,7 @@ static int _macro_exec(struct ast_channel *chan, void *data, int exclusive) pbx_builtin_setvar_helper(chan, "MACRO_IN_HANGUP", "1"); if ((inhangupc = pbx_builtin_getvar_helper(chan, "MACRO_IN_HANGUP"))) { - sscanf(inhangupc, "%d", &inhangup); + sscanf(inhangupc, "%30d", &inhangup); } ast_channel_unlock(chan); @@ -530,7 +530,7 @@ static int _macro_exec(struct ast_channel *chan, void *data, int exclusive) if ((offsets = pbx_builtin_getvar_helper(chan, "MACRO_OFFSET"))) { /* Handle macro offset if it's set by checking the availability of step n + offset + 1, otherwise continue normally if there is any problem */ - if (sscanf(offsets, "%d", &offset) == 1) { + if (sscanf(offsets, "%30d", &offset) == 1) { if (ast_exists_extension(chan, chan->context, chan->exten, chan->priority + offset + 1, chan->cid.cid_num)) { chan->priority += offset; } diff --git a/apps/app_meetme.c b/apps/app_meetme.c index 9e3753809..54fc37ae2 100644 --- a/apps/app_meetme.c +++ b/apps/app_meetme.c @@ -1130,7 +1130,7 @@ static struct ast_conference *build_conf(char *confno, char *pin, char *pinadmin AST_LIST_INSERT_HEAD(&confs, cnf, list); /* Reserve conference number in map */ - if ((sscanf(cnf->confno, "%d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024)) + if ((sscanf(cnf->confno, "%30d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024)) conf_map[confno_int] = 1; cnfout: @@ -1798,7 +1798,7 @@ static int dispose_conf(struct ast_conference *conf) AST_LIST_LOCK(&confs); if (ast_atomic_dec_and_test(&conf->refcount)) { /* Take the conference room number out of an inuse state */ - if ((sscanf(conf->confno, "%d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024)) { + if ((sscanf(conf->confno, "%4d", &confno_int) == 1) && (confno_int >= 0 && confno_int < 1024)) { conf_map[confno_int] = 0; } conf_free(conf); @@ -2025,7 +2025,7 @@ static int conf_run(struct ast_channel *chan, struct ast_conference *conf, int c /* Possible timeout waiting for marked user */ if ((confflags & CONFFLAG_WAITMARKED) && !ast_strlen_zero(optargs[OPT_ARG_WAITMARKED]) && - (sscanf(optargs[OPT_ARG_WAITMARKED], "%d", &opt_waitmarked_timeout) == 1) && + (sscanf(optargs[OPT_ARG_WAITMARKED], "%30d", &opt_waitmarked_timeout) == 1) && (opt_waitmarked_timeout > 0)) { timeout = time(NULL) + opt_waitmarked_timeout; } @@ -3780,7 +3780,7 @@ static int conf_exec(struct ast_channel *chan, void *data) if (!res) ast_waitstream(chan, ""); } else { - if (sscanf(confno, "%d", &confno_int) == 1) { + if (sscanf(confno, "%30d", &confno_int) == 1) { if (!ast_test_flag(&confflags, CONFFLAG_QUIET)) { res = ast_streamfile(chan, "conf-enteringno", chan->language); if (!res) { @@ -3917,7 +3917,7 @@ static struct ast_conf_user *find_user(struct ast_conference *conf, char *caller struct ast_conf_user *user = NULL; int cid; - sscanf(callerident, "%i", &cid); + sscanf(callerident, "%30i", &cid); if (conf && callerident) { AST_LIST_TRAVERSE(&conf->userlist, user, list) { if (cid == user->user_no) @@ -4432,7 +4432,7 @@ static void load_config_meetme(void) rt_log_members = 1; if ((val = ast_variable_retrieve(cfg, "general", "audiobuffers"))) { - if ((sscanf(val, "%d", &audio_buffers) != 1)) { + if ((sscanf(val, "%30d", &audio_buffers) != 1)) { ast_log(LOG_WARNING, "audiobuffers setting must be a number, not '%s'\n", val); audio_buffers = DEFAULT_AUDIO_BUFFERS; } else if ((audio_buffers < DAHDI_DEFAULT_NUM_BUFS) || (audio_buffers > DAHDI_MAX_NUM_BUFS)) { @@ -4449,25 +4449,25 @@ static void load_config_meetme(void) if ((val = ast_variable_retrieve(cfg, "general", "logmembercount"))) rt_log_members = ast_true(val); if ((val = ast_variable_retrieve(cfg, "general", "fuzzystart"))) { - if ((sscanf(val, "%d", &fuzzystart) != 1)) { + if ((sscanf(val, "%30d", &fuzzystart) != 1)) { ast_log(LOG_WARNING, "fuzzystart must be a number, not '%s'\n", val); fuzzystart = 0; } } if ((val = ast_variable_retrieve(cfg, "general", "earlyalert"))) { - if ((sscanf(val, "%d", &earlyalert) != 1)) { + if ((sscanf(val, "%30d", &earlyalert) != 1)) { ast_log(LOG_WARNING, "earlyalert must be a number, not '%s'\n", val); earlyalert = 0; } } if ((val = ast_variable_retrieve(cfg, "general", "endalert"))) { - if ((sscanf(val, "%d", &endalert) != 1)) { + if ((sscanf(val, "%30d", &endalert) != 1)) { ast_log(LOG_WARNING, "endalert must be a number, not '%s'\n", val); endalert = 0; } } if ((val = ast_variable_retrieve(cfg, "general", "extendby"))) { - if ((sscanf(val, "%d", &extendby) != 1)) { + if ((sscanf(val, "%30d", &extendby) != 1)) { ast_log(LOG_WARNING, "extendby must be a number, not '%s'\n", val); extendby = 0; } @@ -6033,7 +6033,7 @@ static int sla_build_trunk(struct ast_config *cfg, const char *cat) if (!strcasecmp(var->name, "autocontext")) ast_string_field_set(trunk, autocontext, var->value); else if (!strcasecmp(var->name, "ringtimeout")) { - if (sscanf(var->value, "%u", &trunk->ring_timeout) != 1) { + if (sscanf(var->value, "%30u", &trunk->ring_timeout) != 1) { ast_log(LOG_WARNING, "Invalid ringtimeout '%s' specified for trunk '%s'\n", var->value, trunk->name); trunk->ring_timeout = 0; @@ -6109,13 +6109,13 @@ static void sla_add_trunk_to_station(struct sla_station *station, struct ast_var char *name, *value = cur; name = strsep(&value, "="); if (!strcasecmp(name, "ringtimeout")) { - if (sscanf(value, "%u", &trunk_ref->ring_timeout) != 1) { + if (sscanf(value, "%30u", &trunk_ref->ring_timeout) != 1) { ast_log(LOG_WARNING, "Invalid ringtimeout value '%s' for " "trunk '%s' on station '%s'\n", value, trunk->name, station->name); trunk_ref->ring_timeout = 0; } } else if (!strcasecmp(name, "ringdelay")) { - if (sscanf(value, "%u", &trunk_ref->ring_delay) != 1) { + if (sscanf(value, "%30u", &trunk_ref->ring_delay) != 1) { ast_log(LOG_WARNING, "Invalid ringdelay value '%s' for " "trunk '%s' on station '%s'\n", value, trunk->name, station->name); trunk_ref->ring_delay = 0; @@ -6164,13 +6164,13 @@ static int sla_build_station(struct ast_config *cfg, const char *cat) else if (!strcasecmp(var->name, "autocontext")) ast_string_field_set(station, autocontext, var->value); else if (!strcasecmp(var->name, "ringtimeout")) { - if (sscanf(var->value, "%u", &station->ring_timeout) != 1) { + if (sscanf(var->value, "%30u", &station->ring_timeout) != 1) { ast_log(LOG_WARNING, "Invalid ringtimeout '%s' specified for station '%s'\n", var->value, station->name); station->ring_timeout = 0; } } else if (!strcasecmp(var->name, "ringdelay")) { - if (sscanf(var->value, "%u", &station->ring_delay) != 1) { + if (sscanf(var->value, "%30u", &station->ring_delay) != 1) { ast_log(LOG_WARNING, "Invalid ringdelay '%s' specified for station '%s'\n", var->value, station->name); station->ring_delay = 0; diff --git a/apps/app_minivm.c b/apps/app_minivm.c index 1ed9a7a3d..434f736f4 100644 --- a/apps/app_minivm.c +++ b/apps/app_minivm.c @@ -1946,7 +1946,7 @@ static int minivm_record_exec(struct ast_channel *chan, void *data) if (ast_test_flag(&flags, OPT_RECORDGAIN)) { int gain; - if (sscanf(opts[OPT_ARG_RECORDGAIN], "%d", &gain) != 1) { + if (sscanf(opts[OPT_ARG_RECORDGAIN], "%30d", &gain) != 1) { ast_log(LOG_WARNING, "Invalid value '%s' provided for record gain option\n", opts[OPT_ARG_RECORDGAIN]); return -1; } else @@ -2371,7 +2371,7 @@ static int create_vmaccount(char *name, struct ast_variable *var, int realtime) } else if (!strcasecmp(var->name, "pager")) { ast_copy_string(vmu->pager, var->value, sizeof(vmu->pager)); } else if (!strcasecmp(var->name, "volgain")) { - sscanf(var->value, "%lf", &vmu->volgain); + sscanf(var->value, "%30lf", &vmu->volgain); } else { ast_log(LOG_ERROR, "Unknown configuration option for minivm account %s : %s\n", name, var->name); } @@ -2541,7 +2541,7 @@ static int apply_general_options(struct ast_variable *var) global_silencethreshold = atoi(var->value); } else if (!strcmp(var->name, "maxmessage")) { int x; - if (sscanf(var->value, "%d", &x) == 1) { + if (sscanf(var->value, "%30d", &x) == 1) { global_vmmaxmessage = x; } else { error ++; @@ -2549,7 +2549,7 @@ static int apply_general_options(struct ast_variable *var) } } else if (!strcmp(var->name, "minmessage")) { int x; - if (sscanf(var->value, "%d", &x) == 1) { + if (sscanf(var->value, "%30d", &x) == 1) { global_vmminmessage = x; if (global_maxsilence <= global_vmminmessage) ast_log(LOG_WARNING, "maxsilence should be less than minmessage or you may get empty messages\n"); diff --git a/apps/app_mixmonitor.c b/apps/app_mixmonitor.c index e413abfc3..0fe0bb0f1 100644 --- a/apps/app_mixmonitor.c +++ b/apps/app_mixmonitor.c @@ -475,7 +475,7 @@ static int mixmonitor_exec(struct ast_channel *chan, void *data) if (ast_test_flag(&flags, MUXFLAG_READVOLUME)) { if (ast_strlen_zero(opts[OPT_ARG_READVOLUME])) { ast_log(LOG_WARNING, "No volume level was provided for the heard volume ('v') option.\n"); - } else if ((sscanf(opts[OPT_ARG_READVOLUME], "%d", &x) != 1) || (x < -4) || (x > 4)) { + } else if ((sscanf(opts[OPT_ARG_READVOLUME], "%2d", &x) != 1) || (x < -4) || (x > 4)) { ast_log(LOG_NOTICE, "Heard volume must be a number between -4 and 4, not '%s'\n", opts[OPT_ARG_READVOLUME]); } else { readvol = get_volfactor(x); @@ -485,7 +485,7 @@ static int mixmonitor_exec(struct ast_channel *chan, void *data) if (ast_test_flag(&flags, MUXFLAG_WRITEVOLUME)) { if (ast_strlen_zero(opts[OPT_ARG_WRITEVOLUME])) { ast_log(LOG_WARNING, "No volume level was provided for the spoken volume ('V') option.\n"); - } else if ((sscanf(opts[OPT_ARG_WRITEVOLUME], "%d", &x) != 1) || (x < -4) || (x > 4)) { + } else if ((sscanf(opts[OPT_ARG_WRITEVOLUME], "%2d", &x) != 1) || (x < -4) || (x > 4)) { ast_log(LOG_NOTICE, "Spoken volume must be a number between -4 and 4, not '%s'\n", opts[OPT_ARG_WRITEVOLUME]); } else { writevol = get_volfactor(x); @@ -495,7 +495,7 @@ static int mixmonitor_exec(struct ast_channel *chan, void *data) if (ast_test_flag(&flags, MUXFLAG_VOLUME)) { if (ast_strlen_zero(opts[OPT_ARG_VOLUME])) { ast_log(LOG_WARNING, "No volume level was provided for the combined volume ('W') option.\n"); - } else if ((sscanf(opts[OPT_ARG_VOLUME], "%d", &x) != 1) || (x < -4) || (x > 4)) { + } else if ((sscanf(opts[OPT_ARG_VOLUME], "%2d", &x) != 1) || (x < -4) || (x > 4)) { ast_log(LOG_NOTICE, "Combined volume must be a number between -4 and 4, not '%s'\n", opts[OPT_ARG_VOLUME]); } else { readvol = writevol = get_volfactor(x); diff --git a/apps/app_morsecode.c b/apps/app_morsecode.c index 25b5c49e3..ae767d059 100644 --- a/apps/app_morsecode.c +++ b/apps/app_morsecode.c @@ -132,7 +132,7 @@ static int morsecode_exec(struct ast_channel *chan, void *data) /* Use variable MORESEDITLEN, if set (else 80) */ ast_channel_lock(chan); ditlenc = pbx_builtin_getvar_helper(chan, "MORSEDITLEN"); - if (ast_strlen_zero(ditlenc) || (sscanf(ditlenc, "%d", &ditlen) != 1)) { + if (ast_strlen_zero(ditlenc) || (sscanf(ditlenc, "%30d", &ditlen) != 1)) { ditlen = 80; } ast_channel_unlock(chan); @@ -140,7 +140,7 @@ static int morsecode_exec(struct ast_channel *chan, void *data) /* Use variable MORSETONE, if set (else 800) */ ast_channel_lock(chan); tonec = pbx_builtin_getvar_helper(chan, "MORSETONE"); - if (ast_strlen_zero(tonec) || (sscanf(tonec, "%d", &tone) != 1)) { + if (ast_strlen_zero(tonec) || (sscanf(tonec, "%30d", &tone) != 1)) { tone = 800; } ast_channel_unlock(chan); diff --git a/apps/app_originate.c b/apps/app_originate.c index 15d34a5d3..0372a2b59 100644 --- a/apps/app_originate.c +++ b/apps/app_originate.c @@ -136,7 +136,7 @@ static int originate_exec(struct ast_channel *chan, void *data) if (args.argc == 5) { /* Context/Exten/Priority all specified */ - if (sscanf(args.arg3, "%d", &priority) != 1) { + if (sscanf(args.arg3, "%30d", &priority) != 1) { ast_log(LOG_ERROR, "Invalid priority: '%s'\n", args.arg3); goto return_cleanup; } diff --git a/apps/app_osplookup.c b/apps/app_osplookup.c index 597392616..306e71e81 100644 --- a/apps/app_osplookup.c +++ b/apps/app_osplookup.c @@ -247,7 +247,7 @@ static int osp_create_provider( ast_log(LOG_WARNING, "OSP: Too many Service Points at line %d\n", v->lineno); } } else if (!strcasecmp(v->name, "maxconnections")) { - if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_MAXCONNECTIONS) && (t <= OSP_MAX_MAXCONNECTIONS)) { + if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_MAXCONNECTIONS) && (t <= OSP_MAX_MAXCONNECTIONS)) { p->maxconnections = t; ast_debug(1, "OSP: maxconnections '%d'\n", t); } else { @@ -255,7 +255,7 @@ static int osp_create_provider( OSP_MIN_MAXCONNECTIONS, OSP_MAX_MAXCONNECTIONS, v->value, v->lineno); } } else if (!strcasecmp(v->name, "retrydelay")) { - if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_RETRYDELAY) && (t <= OSP_MAX_RETRYDELAY)) { + if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_RETRYDELAY) && (t <= OSP_MAX_RETRYDELAY)) { p->retrydelay = t; ast_debug(1, "OSP: retrydelay '%d'\n", t); } else { @@ -263,7 +263,7 @@ static int osp_create_provider( OSP_MIN_RETRYDELAY, OSP_MAX_RETRYDELAY, v->value, v->lineno); } } else if (!strcasecmp(v->name, "retrylimit")) { - if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_RETRYLIMIT) && (t <= OSP_MAX_RETRYLIMIT)) { + if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_RETRYLIMIT) && (t <= OSP_MAX_RETRYLIMIT)) { p->retrylimit = t; ast_debug(1, "OSP: retrylimit '%d'\n", t); } else { @@ -271,7 +271,7 @@ static int osp_create_provider( OSP_MIN_RETRYLIMIT, OSP_MAX_RETRYLIMIT, v->value, v->lineno); } } else if (!strcasecmp(v->name, "timeout")) { - if ((sscanf(v->value, "%d", &t) == 1) && (t >= OSP_MIN_TIMEOUT) && (t <= OSP_MAX_TIMEOUT)) { + if ((sscanf(v->value, "%30d", &t) == 1) && (t >= OSP_MIN_TIMEOUT) && (t <= OSP_MAX_TIMEOUT)) { p->timeout = t; ast_debug(1, "OSP: timeout '%d'\n", t); } else { @@ -282,7 +282,7 @@ static int osp_create_provider( ast_copy_string(p->source, v->value, sizeof(p->source)); ast_debug(1, "OSP: source '%s'\n", p->source); } else if (!strcasecmp(v->name, "authpolicy")) { - if ((sscanf(v->value, "%d", &t) == 1) && ((t == OSP_AUTH_NO) || (t == OSP_AUTH_YES) || (t == OSP_AUTH_EXCLUSIVE))) { + if ((sscanf(v->value, "%30d", &t) == 1) && ((t == OSP_AUTH_NO) || (t == OSP_AUTH_YES) || (t == OSP_AUTH_EXCLUSIVE))) { p->authpolicy = t; ast_debug(1, "OSP: authpolicy '%d'\n", t); } else { @@ -1392,11 +1392,11 @@ static int osplookup_exec( headp = &chan->varshead; AST_LIST_TRAVERSE(headp, current, entries) { if (!strcasecmp(ast_var_name(current), "OSPINHANDLE")) { - if (sscanf(ast_var_value(current), "%d", &result.inhandle) != 1) { + if (sscanf(ast_var_value(current), "%30d", &result.inhandle) != 1) { result.inhandle = OSP_INVALID_HANDLE; } } else if (!strcasecmp(ast_var_name(current), "OSPINTIMELIMIT")) { - if (sscanf(ast_var_value(current), "%d", &result.intimelimit) != 1) { + if (sscanf(ast_var_value(current), "%30d", &result.intimelimit) != 1) { result.intimelimit = OSP_DEF_TIMELIMIT; } } else if (!strcasecmp(ast_var_name(current), "OSPINNETWORKID")) { @@ -1533,7 +1533,7 @@ static int ospnext_exec( AST_STANDARD_APP_ARGS(args, tmp); - if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%d", &cause) != 1) { + if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%30d", &cause) != 1) { cause = 0; } ast_debug(1, "OSPNext: cause '%d'\n", cause); @@ -1551,23 +1551,23 @@ static int ospnext_exec( headp = &chan->varshead; AST_LIST_TRAVERSE(headp, current, entries) { if (!strcasecmp(ast_var_name(current), "OSPINHANDLE")) { - if (sscanf(ast_var_value(current), "%d", &result.inhandle) != 1) { + if (sscanf(ast_var_value(current), "%30d", &result.inhandle) != 1) { result.inhandle = OSP_INVALID_HANDLE; } } else if (!strcasecmp(ast_var_name(current), "OSPOUTHANDLE")) { - if (sscanf(ast_var_value(current), "%d", &result.outhandle) != 1) { + if (sscanf(ast_var_value(current), "%30d", &result.outhandle) != 1) { result.outhandle = OSP_INVALID_HANDLE; } } else if (!strcasecmp(ast_var_name(current), "OSPINTIMELIMIT")) { - if (sscanf(ast_var_value(current), "%d", &result.intimelimit) != 1) { + if (sscanf(ast_var_value(current), "%30d", &result.intimelimit) != 1) { result.intimelimit = OSP_DEF_TIMELIMIT; } } else if (!strcasecmp(ast_var_name(current), "OSPOUTCALLIDTYPES")) { - if (sscanf(ast_var_value(current), "%d", &callidtypes) != 1) { + if (sscanf(ast_var_value(current), "%30d", &callidtypes) != 1) { callidtypes = OSP_CALLID_UNDEFINED; } } else if (!strcasecmp(ast_var_name(current), "OSPRESULTS")) { - if (sscanf(ast_var_value(current), "%d", &result.numresults) != 1) { + if (sscanf(ast_var_value(current), "%30d", &result.numresults) != 1) { result.numresults = 0; } } @@ -1686,11 +1686,11 @@ static int ospfinished_exec( headp = &chan->varshead; AST_LIST_TRAVERSE(headp, current, entries) { if (!strcasecmp(ast_var_name(current), "OSPINHANDLE")) { - if (sscanf(ast_var_value(current), "%d", &inhandle) != 1) { + if (sscanf(ast_var_value(current), "%30d", &inhandle) != 1) { inhandle = OSP_INVALID_HANDLE; } } else if (!strcasecmp(ast_var_name(current), "OSPOUTHANDLE")) { - if (sscanf(ast_var_value(current), "%d", &outhandle) != 1) { + if (sscanf(ast_var_value(current), "%30d", &outhandle) != 1) { outhandle = OSP_INVALID_HANDLE; } } else if (!recorded && @@ -1707,7 +1707,7 @@ static int ospfinished_exec( ast_debug(1, "OSPFinish: OSPOUTHANDLE '%d'\n", outhandle); ast_debug(1, "OSPFinish: recorded '%d'\n", recorded); - if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%d", &cause) != 1) { + if (!ast_strlen_zero(args.cause) && sscanf(args.cause, "%30d", &cause) != 1) { cause = 0; } ast_debug(1, "OSPFinish: cause '%d'\n", cause); @@ -1803,7 +1803,7 @@ static int osp_load(int reload) t = ast_variable_retrieve(cfg, OSP_GENERAL_CAT, "tokenformat"); if (t) { - if ((sscanf(t, "%d", &v) == 1) && + if ((sscanf(t, "%30d", &v) == 1) && ((v == TOKEN_ALGO_SIGNED) || (v == TOKEN_ALGO_UNSIGNED) || (v == TOKEN_ALGO_BOTH))) { osp_tokenformat = v; diff --git a/apps/app_privacy.c b/apps/app_privacy.c index a2e7152b7..0780d279e 100644 --- a/apps/app_privacy.c +++ b/apps/app_privacy.c @@ -111,13 +111,13 @@ static int privacy_exec (struct ast_channel *chan, void *data) AST_STANDARD_APP_ARGS(args, parse); if (args.maxretries) { - if (sscanf(args.maxretries, "%d", &x) == 1) + if (sscanf(args.maxretries, "%30d", &x) == 1) maxretries = x; else ast_log(LOG_WARNING, "Invalid max retries argument\n"); } if (args.minlength) { - if (sscanf(args.minlength, "%d", &x) == 1) + if (sscanf(args.minlength, "%30d", &x) == 1) minlength = x; else ast_log(LOG_WARNING, "Invalid min length argument\n"); diff --git a/apps/app_queue.c b/apps/app_queue.c index bf48336e0..69a32c61e 100644 --- a/apps/app_queue.c +++ b/apps/app_queue.c @@ -4852,7 +4852,7 @@ static int aqm_exec(struct ast_channel *chan, void *data) } if (!ast_strlen_zero(args.penalty)) { - if ((sscanf(args.penalty, "%d", &penalty) != 1) || penalty < 0) { + if ((sscanf(args.penalty, "%30d", &penalty) != 1) || penalty < 0) { ast_log(LOG_WARNING, "Penalty '%s' is invalid, must be an integer >= 0\n", args.penalty); penalty = 0; } @@ -5011,7 +5011,7 @@ static int queue_exec(struct ast_channel *chan, void *data) ast_channel_lock(chan); user_priority = pbx_builtin_getvar_helper(chan, "QUEUE_PRIO"); if (user_priority) { - if (sscanf(user_priority, "%d", &prio) == 1) { + if (sscanf(user_priority, "%30d", &prio) == 1) { ast_debug(1, "%s: Got priority %d from ${QUEUE_PRIO}.\n", chan->name, prio); } else { ast_log(LOG_WARNING, "${QUEUE_PRIO}: Invalid value (%s), channel %s.\n", @@ -5026,7 +5026,7 @@ static int queue_exec(struct ast_channel *chan, void *data) /* Get the maximum penalty from the variable ${QUEUE_MAX_PENALTY} */ if ((max_penalty_str = pbx_builtin_getvar_helper(chan, "QUEUE_MAX_PENALTY"))) { - if (sscanf(max_penalty_str, "%d", &max_penalty) == 1) { + if (sscanf(max_penalty_str, "%30d", &max_penalty) == 1) { ast_debug(1, "%s: Got max penalty %d from ${QUEUE_MAX_PENALTY}.\n", chan->name, max_penalty); } else { ast_log(LOG_WARNING, "${QUEUE_MAX_PENALTY}: Invalid value (%s), channel %s.\n", @@ -5038,7 +5038,7 @@ static int queue_exec(struct ast_channel *chan, void *data) } if ((min_penalty_str = pbx_builtin_getvar_helper(chan, "QUEUE_MIN_PENALTY"))) { - if (sscanf(min_penalty_str, "%d", &min_penalty) == 1) { + if (sscanf(min_penalty_str, "%30d", &min_penalty) == 1) { ast_debug(1, "%s: Got min penalty %d from ${QUEUE_MIN_PENALTY}.\n", chan->name, min_penalty); } else { ast_log(LOG_WARNING, "${QUEUE_MIN_PENALTY}: Invalid value (%s), channel %s.\n", @@ -6399,7 +6399,7 @@ static int manager_add_queue_member(struct mansession *s, const struct message * if (ast_strlen_zero(penalty_s)) penalty = 0; - else if (sscanf(penalty_s, "%d", &penalty) != 1 || penalty < 0) + else if (sscanf(penalty_s, "%30d", &penalty) != 1 || penalty < 0) penalty = 0; if (ast_strlen_zero(paused_s)) @@ -6639,7 +6639,7 @@ static char *handle_queue_add_member(struct ast_cli_entry *e, int cmd, struct as queuename = a->argv[5]; interface = a->argv[3]; if (a->argc >= 8) { - if (sscanf(a->argv[7], "%d", &penalty) == 1) { + if (sscanf(a->argv[7], "%30d", &penalty) == 1) { if (penalty < 0) { ast_cli(a->fd, "Penalty must be >= 0\n"); penalty = 0; diff --git a/apps/app_readfile.c b/apps/app_readfile.c index b65dbf656..9ec2c942f 100644 --- a/apps/app_readfile.c +++ b/apps/app_readfile.c @@ -94,7 +94,7 @@ static int readfile_exec(struct ast_channel *chan, void *data) } if (length) { - if ((sscanf(length, "%d", &len) != 1) || (len < 0)) { + if ((sscanf(length, "%30d", &len) != 1) || (len < 0)) { ast_log(LOG_WARNING, "%s is not a positive number, defaulting length to max\n", length); len = 0; } diff --git a/apps/app_record.c b/apps/app_record.c index 69bbd5387..8d8fb0cdb 100644 --- a/apps/app_record.c +++ b/apps/app_record.c @@ -190,7 +190,7 @@ static int record_exec(struct ast_channel *chan, void *data) return -1; } if (args.silence) { - if ((sscanf(args.silence, "%d", &i) == 1) && (i > -1)) { + if ((sscanf(args.silence, "%30d", &i) == 1) && (i > -1)) { silence = i * 1000; } else if (!ast_strlen_zero(args.silence)) { ast_log(LOG_WARNING, "'%s' is not a valid silence duration\n", args.silence); @@ -198,7 +198,7 @@ static int record_exec(struct ast_channel *chan, void *data) } if (args.maxduration) { - if ((sscanf(args.maxduration, "%d", &i) == 1) && (i > -1)) + if ((sscanf(args.maxduration, "%30d", &i) == 1) && (i > -1)) /* Convert duration to milliseconds */ maxduration = i * 1000; else if (!ast_strlen_zero(args.maxduration)) diff --git a/apps/app_rpt.c b/apps/app_rpt.c index a5778574b..8d20553de 100644 --- a/apps/app_rpt.c +++ b/apps/app_rpt.c @@ -2101,7 +2101,10 @@ int ret; if (str == NULL) return -1; /* leave this %i alone, non-base-10 input is useful here */ - if (sscanf(str,"%i",&ret) != 1) return -1; + if (sscanf(str, "%30i", &ret) != 1) { + return -1; + } + return ret; } @@ -2325,7 +2328,7 @@ static char *cs_keywords[] = {"rptena","rptdis","apena","apdis","lnkena","lnkdis /* do not use atoi() here, we need to be able to have the input specified in hex or decimal so we use sscanf with a %i */ - if ((!val) || (sscanf(val,"%i",&rpt_vars[n].p.iobase) != 1)) + if ((!val) || (sscanf(val,"%30i",&rpt_vars[n].p.iobase) != 1)) rpt_vars[n].p.iobase = DEFAULT_IOBASE; val = (char *) ast_variable_retrieve(cfg,this,"ioport"); rpt_vars[n].p.ioport = val; @@ -3640,7 +3643,7 @@ static int send_tone_telemetry(struct ast_channel *chan, char *tonestring) tonesubset = strsep(&stringp,")"); if(!tonesubset) break; - if(sscanf(tonesubset,"(%d,%d,%d,%d", &f1, &f2, &duration, &litude) != 4) + if(sscanf(tonesubset,"(%30d,%30d,%30d,%30d", &f1, &f2, &duration, &litude) != 4) break; res = play_tone_pair(chan, f1, f2, duration, amplitude); if(res) @@ -5065,7 +5068,7 @@ struct dahdi_params par; p = strstr(tdesc, "version"); if(!p) break; - if(sscanf(p, "version %d.%d", &vmajor, &vminor) != 2) + if(sscanf(p, "version %30d.%30d", &vmajor, &vminor) != 2) break; wait_interval(myrpt, DLY_TELEM, mychannel); /* Wait a little bit */ /* Say "version" */ @@ -6673,6 +6676,8 @@ static int collect_function_digits(struct rpt *myrpt, char *digits, static void handle_link_data(struct rpt *myrpt, struct rpt_link *mylink, char *str) { +/* XXX ATTENTION: if you change the size of these arrays you MUST + * change the limits in corresponding sscanf() calls below. */ char tmp[512],tmp1[512],cmd[300] = "",dest[300],src[300],c; int i,seq, res, ts; struct rpt_link *l; @@ -6711,7 +6716,7 @@ struct ast_frame wf; } if (tmp[0] == 'K') { - if (sscanf(tmp,"%s %s %s %d %d",cmd,dest,src,&seq,&ts) != 5) + if (sscanf(tmp, "%299s %299s %299s %30d %30d", cmd, dest, src, &seq, &ts) != 5) { ast_log(LOG_WARNING, "Unable to parse keying string %s\n",str); return; @@ -6819,7 +6824,9 @@ struct ast_frame wf; } if (tmp[0] == 'I') { - if (sscanf(tmp,"%s %s %x",cmd,src,&seq) != 3) + /* XXX WARNING: be very careful with the limits on the folowing + * sscanf() call, make sure they match the values defined above */ + if (sscanf(tmp,"%299s %299s %30x",cmd,src,&seq) != 3) { ast_log(LOG_WARNING, "Unable to parse ident string %s\n",str); return; @@ -6829,7 +6836,9 @@ struct ast_frame wf; } else { - if (sscanf(tmp,"%s %s %s %d %c",cmd,dest,src,&seq,&c) != 5) + /* XXX WARNING: be very careful with the limits on the folowing + * sscanf() call, make sure they match the values defined above */ + if (sscanf(tmp,"%299s %299s %299s %30d %1c",cmd,dest,src,&seq,&c) != 5) { ast_log(LOG_WARNING, "Unable to parse link string %s\n",str); return; @@ -10224,6 +10233,8 @@ int ret,res = 0,src; static int handle_remote_data(struct rpt *myrpt, char *str) { +/* XXX ATTENTION: if you change the size of these arrays you MUST + * change the limits in corresponding sscanf() calls below. */ char tmp[300],cmd[300],dest[300],src[300],c; int seq,res; @@ -10239,7 +10250,9 @@ int seq,res; #ifndef DO_NOT_NOTIFY_MDC1200_ON_REMOTE_BASES if (tmp[0] == 'I') { - if (sscanf(tmp,"%s %s %x",cmd,src,&seq) != 3) + /* XXX WARNING: be very careful with the limits on the folowing + * sscanf() call, make sure they match the values defined above */ + if (sscanf(tmp,"%299s %299s %30x",cmd,src,&seq) != 3) { ast_log(LOG_WARNING, "Unable to parse ident string %s\n",str); return 0; @@ -10248,7 +10261,9 @@ int seq,res; return 0; } #endif - if (sscanf(tmp,"%s %s %s %d %c",cmd,dest,src,&seq,&c) != 5) + /* XXX WARNING: be very careful with the limits on the folowing + * sscanf() call, make sure they match the values defined above */ + if (sscanf(tmp,"%299s %299s %299s %30d %1c",cmd,dest,src,&seq,&c) != 5) { ast_log(LOG_WARNING, "Unable to parse link string %s\n",str); return 0; @@ -11879,7 +11894,7 @@ char tmpstr[300],lstr[MAXLINKLIST]; p = strstr(tdesc, "version"); if(p){ int vmajor,vminor; - if(sscanf(p, "version %d.%d", &vmajor, &vminor) == 2) + if(sscanf(p, "version %30d.%30d", &vmajor, &vminor) == 2) sprintf(str + strlen(str),"&apprptvers=%d.%d",vmajor,vminor); } time(&now); diff --git a/apps/app_setcallerid.c b/apps/app_setcallerid.c index 6592249b4..d50bcc47c 100644 --- a/apps/app_setcallerid.c +++ b/apps/app_setcallerid.c @@ -95,7 +95,7 @@ static int setcallerid_pres_exec(struct ast_channel *chan, void *data) } /* For interface consistency, permit the argument to be specified as a number */ - if (sscanf(data, "%d", &pres) != 1 || pres < 0 || pres > 255 || (pres & 0x9c)) { + if (sscanf(data, "%30d", &pres) != 1 || pres < 0 || pres > 255 || (pres & 0x9c)) { pres = ast_parse_caller_presentation(data); } diff --git a/apps/app_sms.c b/apps/app_sms.c index 9dec33b4a..bbf014065 100644 --- a/apps/app_sms.c +++ b/apps/app_sms.c @@ -878,7 +878,7 @@ static void sms_readfile(sms_t * h, char *fn) } else if (!strcmp(line, "scts")) { /* get date/time */ int Y, m, d, H, M, S; /* XXX Why aren't we using ast_strptime here? */ - if (sscanf(p, "%d-%d-%dT%d:%d:%d", &Y, &m, &d, &H, &M, &S) == 6) { + if (sscanf(p, "%4d-%2d-%2dT%2d:%2d:%2d", &Y, &m, &d, &H, &M, &S) == 6) { struct ast_tm t = { 0, }; t.tm_year = Y - 1900; t.tm_mon = m - 1; diff --git a/apps/app_stack.c b/apps/app_stack.c index 0ce4ccb73..ef534cd7b 100644 --- a/apps/app_stack.c +++ b/apps/app_stack.c @@ -555,7 +555,7 @@ static int handle_gosub(struct ast_channel *chan, AGI *agi, int argc, char **arg ast_debug(1, "Gosub called with %d arguments: 0:%s 1:%s 2:%s 3:%s 4:%s\n", argc, argv[0], argv[1], argv[2], argv[3], argc == 5 ? argv[4] : ""); - if (sscanf(argv[3], "%d", &priority) != 1 || priority < 1) { + if (sscanf(argv[3], "%30d", &priority) != 1 || priority < 1) { /* Lookup the priority label */ if ((priority = ast_findlabel_extension(chan, argv[1], argv[2], argv[3], chan->cid.cid_num)) < 0) { ast_log(LOG_ERROR, "Priority '%s' not found in '%s@%s'\n", argv[3], argv[2], argv[1]); diff --git a/apps/app_talkdetect.c b/apps/app_talkdetect.c index 85f0dff4e..74393cef0 100644 --- a/apps/app_talkdetect.c +++ b/apps/app_talkdetect.c @@ -105,16 +105,16 @@ static int background_detect_exec(struct ast_channel *chan, void *data) tmp = ast_strdupa(data); AST_STANDARD_APP_ARGS(args, tmp); - if (!ast_strlen_zero(args.silence) && (sscanf(args.silence, "%d", &x) == 1) && (x > 0)) { + if (!ast_strlen_zero(args.silence) && (sscanf(args.silence, "%30d", &x) == 1) && (x > 0)) { sil = x; } - if (!ast_strlen_zero(args.min) && (sscanf(args.min, "%d", &x) == 1) && (x > 0)) { + if (!ast_strlen_zero(args.min) && (sscanf(args.min, "%30d", &x) == 1) && (x > 0)) { min = x; } - if (!ast_strlen_zero(args.max) && (sscanf(args.max, "%d", &x) == 1) && (x > 0)) { + if (!ast_strlen_zero(args.max) && (sscanf(args.max, "%30d", &x) == 1) && (x > 0)) { max = x; } - if (!ast_strlen_zero(args.analysistime) && (sscanf(args.analysistime, "%d", &x) == 1) && (x > 0)) { + if (!ast_strlen_zero(args.analysistime) && (sscanf(args.analysistime, "%30d", &x) == 1) && (x > 0)) { analysistime = x; } diff --git a/apps/app_verbose.c b/apps/app_verbose.c index b4c6a6384..31b8df252 100644 --- a/apps/app_verbose.c +++ b/apps/app_verbose.c @@ -92,7 +92,7 @@ static int verbose_exec(struct ast_channel *chan, void *data) args.level = "0"; } - if (sscanf(args.level, "%d", &vsize) != 1) { + if (sscanf(args.level, "%30d", &vsize) != 1) { vsize = 0; ast_log(LOG_WARNING, "'%s' is not a verboser number\n", args.level); } diff --git a/apps/app_voicemail.c b/apps/app_voicemail.c index cb66a1f27..44c4eb266 100644 --- a/apps/app_voicemail.c +++ b/apps/app_voicemail.c @@ -919,7 +919,7 @@ static void apply_option(struct ast_vm_user *vmu, const char *var, const char *v } else if (!strcasecmp(var, "sayduration")){ ast_set2_flag(vmu, ast_true(value), VM_SAYDURATION); } else if (!strcasecmp(var, "saydurationm")){ - if (sscanf(value, "%d", &x) == 1) { + if (sscanf(value, "%30d", &x) == 1) { vmu->saydurationm = x; } else { ast_log(AST_LOG_WARNING, "Invalid min duration for say duration\n"); @@ -953,7 +953,7 @@ static void apply_option(struct ast_vm_user *vmu, const char *var, const char *v vmu->maxmsg = MAXMSGLIMIT; } } else if (!strcasecmp(var, "backupdeleted")) { - if (sscanf(value, "%d", &x) == 1) + if (sscanf(value, "%30d", &x) == 1) vmu->maxdeletedmsg = x; else if (ast_true(value)) vmu->maxdeletedmsg = MAXMSG; @@ -968,7 +968,7 @@ static void apply_option(struct ast_vm_user *vmu, const char *var, const char *v vmu->maxdeletedmsg = MAXMSGLIMIT; } } else if (!strcasecmp(var, "volgain")) { - sscanf(value, "%lf", &vmu->volgain); + sscanf(value, "%30lf", &vmu->volgain); } else if (!strcasecmp(var, "options")) { apply_options(vmu, value); } @@ -3102,7 +3102,7 @@ static int last_message_index(struct ast_vm_user *vmu, char *dir) ast_odbc_release_obj(obj); goto yuck; } - if (sscanf(rowdata, "%d", &x) != 1) + if (sscanf(rowdata, "%30d", &x) != 1) ast_log(AST_LOG_WARNING, "Failed to read message count!\n"); SQLFreeHandle (SQL_HANDLE_STMT, stmt); ast_odbc_release_obj(obj); @@ -3157,7 +3157,7 @@ static int message_exists(char *dir, int msgnum) ast_odbc_release_obj(obj); goto yuck; } - if (sscanf(rowdata, "%d", &x) != 1) + if (sscanf(rowdata, "%30d", &x) != 1) ast_log(AST_LOG_WARNING, "Failed to read message count!\n"); SQLFreeHandle (SQL_HANDLE_STMT, stmt); ast_odbc_release_obj(obj); @@ -3575,7 +3575,7 @@ static int last_message_index(struct ast_vm_user *vmu, char *dir) * find each file. */ msgdir = opendir(dir); while ((msgdirent = readdir(msgdir))) { - if (sscanf(msgdirent->d_name, "msg%d", &msgdirint) == 1 && msgdirint < MAXMSGLIMIT) + if (sscanf(msgdirent->d_name, "msg%30d", &msgdirint) == 1 && msgdirint < MAXMSGLIMIT) map[msgdirint] = 1; } closedir(msgdir); @@ -3899,7 +3899,7 @@ static void prep_email_sub_vars(struct ast_channel *ast, struct ast_vm_user *vmu pbx_builtin_setvar_helper(ast, "ORIG_VM_CIDNUM", origcidnum); } - if ((origtime = ast_variable_retrieve(msg_cfg, "message", "origtime")) && sscanf(origtime, "%d", &inttime) == 1) { + if ((origtime = ast_variable_retrieve(msg_cfg, "message", "origtime")) && sscanf(origtime, "%30d", &inttime) == 1) { struct timeval tv = { inttime, }; struct ast_tm tm; ast_localtime(&tv, &tm, NULL); @@ -4264,7 +4264,7 @@ static void make_email_file(FILE *p, char *srcemail, struct ast_vm_user *vmu, in /* You might be tempted to do origdate, except that a) it's in the wrong * format, and b) it's missing for IMAP recordings. */ - if ((v = ast_variable_retrieve(msg_cfg, "message", "origtime")) && sscanf(v, "%d", &inttime) == 1) { + if ((v = ast_variable_retrieve(msg_cfg, "message", "origtime")) && sscanf(v, "%30d", &inttime) == 1) { struct timeval tv = { inttime, }; struct ast_tm tm; ast_localtime(&tv, &tm, NULL); @@ -8955,7 +8955,7 @@ static int vm_execmain(struct ast_channel *chan, void *data) if (ast_test_flag(&flags, OPT_RECORDGAIN)) { int gain; if (!ast_strlen_zero(opts[OPT_ARG_RECORDGAIN])) { - if (sscanf(opts[OPT_ARG_RECORDGAIN], "%d", &gain) != 1) { + if (sscanf(opts[OPT_ARG_RECORDGAIN], "%30d", &gain) != 1) { ast_log(AST_LOG_WARNING, "Invalid value '%s' provided for record gain option\n", opts[OPT_ARG_RECORDGAIN]); return -1; } else { @@ -8968,7 +8968,7 @@ static int vm_execmain(struct ast_channel *chan, void *data) if (ast_test_flag(&flags, OPT_AUTOPLAY) ) { play_auto = 1; if (opts[OPT_ARG_PLAYFOLDER]) { - if (sscanf(opts[OPT_ARG_PLAYFOLDER], "%d", &play_folder) != 1) { + if (sscanf(opts[OPT_ARG_PLAYFOLDER], "%30d", &play_folder) != 1) { ast_log(AST_LOG_WARNING, "Invalid value '%s' provided for folder autoplay option\n", opts[OPT_ARG_PLAYFOLDER]); } } else { @@ -9634,7 +9634,7 @@ static int vm_exec(struct ast_channel *chan, void *data) if (ast_test_flag(&flags, OPT_RECORDGAIN)) { int gain; - if (sscanf(opts[OPT_ARG_RECORDGAIN], "%d", &gain) != 1) { + if (sscanf(opts[OPT_ARG_RECORDGAIN], "%30d", &gain) != 1) { ast_log(AST_LOG_WARNING, "Invalid value '%s' provided for record gain option\n", opts[OPT_ARG_RECORDGAIN]); return -1; } else { @@ -10471,7 +10471,7 @@ static int load_config(int reload) volgain = 0.0; if ((val = ast_variable_retrieve(cfg, "general", "volgain"))) - sscanf(val, "%lf", &volgain); + sscanf(val, "%30lf", &volgain); #ifdef ODBC_STORAGE strcpy(odbc_database, "asterisk"); @@ -10511,7 +10511,7 @@ static int load_config(int reload) if (!(val = ast_variable_retrieve(cfg, "general", "backupdeleted"))) { maxdeletedmsg = 0; } else { - if (sscanf(val, "%d", &x) == 1) + if (sscanf(val, "%30d", &x) == 1) maxdeletedmsg = x; else if (ast_true(val)) maxdeletedmsg = MAXMSG; @@ -10663,7 +10663,7 @@ static int load_config(int reload) vmmaxsecs = 0; if ((val = ast_variable_retrieve(cfg, "general", "maxsecs"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { vmmaxsecs = x; } else { ast_log(AST_LOG_WARNING, "Invalid max message time length\n"); @@ -10674,7 +10674,7 @@ static int load_config(int reload) maxmessage_deprecate = 1; ast_log(AST_LOG_WARNING, "Setting 'maxmessage' has been deprecated in favor of 'maxsecs'.\n"); } - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { vmmaxsecs = x; } else { ast_log(AST_LOG_WARNING, "Invalid max message time length\n"); @@ -10683,7 +10683,7 @@ static int load_config(int reload) vmminsecs = 0; if ((val = ast_variable_retrieve(cfg, "general", "minsecs"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { vmminsecs = x; if (maxsilence / 1000 >= vmminsecs) { ast_log(AST_LOG_WARNING, "maxsilence should be less than minmessage or you may get empty messages\n"); @@ -10697,7 +10697,7 @@ static int load_config(int reload) maxmessage_deprecate = 1; ast_log(AST_LOG_WARNING, "Setting 'minmessage' has been deprecated in favor of 'minsecs'.\n"); } - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { vmminsecs = x; if (maxsilence / 1000 >= vmminsecs) { ast_log(AST_LOG_WARNING, "maxsilence should be less than minmessage or you may get empty messages\n"); @@ -10714,7 +10714,7 @@ static int load_config(int reload) skipms = 3000; if ((val = ast_variable_retrieve(cfg, "general", "maxgreet"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { maxgreet = x; } else { ast_log(AST_LOG_WARNING, "Invalid max message greeting length\n"); @@ -10722,7 +10722,7 @@ static int load_config(int reload) } if ((val = ast_variable_retrieve(cfg, "general", "skipms"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { skipms = x; } else { ast_log(AST_LOG_WARNING, "Invalid skipms value\n"); @@ -10731,7 +10731,7 @@ static int load_config(int reload) maxlogins = 3; if ((val = ast_variable_retrieve(cfg, "general", "maxlogins"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { maxlogins = x; } else { ast_log(AST_LOG_WARNING, "Invalid max failed login attempts\n"); @@ -10740,7 +10740,7 @@ static int load_config(int reload) minpassword = MINPASSWORD; if ((val = ast_variable_retrieve(cfg, "general", "minpassword"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { minpassword = x; } else { ast_log(AST_LOG_WARNING, "Invalid minimum password length. Default to %d\n", minpassword); @@ -10836,7 +10836,7 @@ static int load_config(int reload) saydurationminfo = 2; if ((val = ast_variable_retrieve(cfg, "general", "saydurationm"))) { - if (sscanf(val, "%d", &x) == 1) { + if (sscanf(val, "%30d", &x) == 1) { saydurationminfo = x; } else { ast_log(AST_LOG_WARNING, "Invalid min duration for say duration\n"); @@ -10901,7 +10901,7 @@ static int load_config(int reload) poll_freq = DEFAULT_POLL_FREQ; if ((val = ast_variable_retrieve(cfg, "general", "pollfreq"))) { - if (sscanf(val, "%u", &poll_freq) != 1) { + if (sscanf(val, "%30u", &poll_freq) != 1) { poll_freq = DEFAULT_POLL_FREQ; ast_log(AST_LOG_ERROR, "'%s' is not a valid value for the pollfreq option!\n", val); } diff --git a/apps/app_waitforring.c b/apps/app_waitforring.c index fd5913e04..339560a58 100644 --- a/apps/app_waitforring.c +++ b/apps/app_waitforring.c @@ -60,7 +60,7 @@ static int waitforring_exec(struct ast_channel *chan, void *data) double s; int ms; - if (!data || (sscanf(data, "%lg", &s) != 1)) { + if (!data || (sscanf(data, "%30lg", &s) != 1)) { ast_log(LOG_WARNING, "WaitForRing requires an argument (minimum seconds)\n"); return 0; } diff --git a/apps/app_waitforsilence.c b/apps/app_waitforsilence.c index f68b70ad3..1756e42d5 100644 --- a/apps/app_waitforsilence.c +++ b/apps/app_waitforsilence.c @@ -214,9 +214,9 @@ static int waitfor_exec(struct ast_channel *chan, void *data, int wait_for_silen res = ast_answer(chan); /* Answer the channel */ } - if (!data || ( (sscanf(data, "%d,%d,%d", &timereqd, &iterations, &timeout) != 3) && - (sscanf(data, "%d,%d", &timereqd, &iterations) != 2) && - (sscanf(data, "%d", &timereqd) != 1) ) ) { + if (!data || ( (sscanf(data, "%30d,%30d,%30d", &timereqd, &iterations, &timeout) != 3) && + (sscanf(data, "%30d,%30d", &timereqd, &iterations) != 2) && + (sscanf(data, "%30d", &timereqd) != 1) ) ) { ast_log(LOG_WARNING, "Using default value of 1000ms, 1 iteration, no timeout\n"); } diff --git a/apps/app_waituntil.c b/apps/app_waituntil.c index 0b6ccc677..5abea9c4b 100644 --- a/apps/app_waituntil.c +++ b/apps/app_waituntil.c @@ -82,7 +82,7 @@ static int waituntil_exec(struct ast_channel *chan, void *data) return 0; } - if (sscanf(data, "%ld%lf", &seconds, &fraction) == 0) { + if (sscanf(data, "%30ld%30lf", &seconds, &fraction) == 0) { ast_log(LOG_WARNING, "WaitUntil called with non-numeric argument\n"); pbx_builtin_setvar_helper(chan, "WAITUNTILSTATUS", "FAILURE"); return 0; |