From d69c554bf4ab96d713b9f58fb22ea449cfd5901b Mon Sep 17 00:00:00 2001 From: tilghman Date: Mon, 10 Aug 2009 19:36:38 +0000 Subject: AST-2009-005 git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.6.2@211580 f38db490-d61c-443f-a65b-d21fe96a405b --- cdr/cdr_adaptive_odbc.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'cdr/cdr_adaptive_odbc.c') diff --git a/cdr/cdr_adaptive_odbc.c b/cdr/cdr_adaptive_odbc.c index 6c72d19c7..a8f1177b1 100644 --- a/cdr/cdr_adaptive_odbc.c +++ b/cdr/cdr_adaptive_odbc.c @@ -461,7 +461,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_TYPE_DATE: { int year = 0, month = 0, day = 0; - if (sscanf(colptr, "%d-%d-%d", &year, &month, &day) != 3 || year <= 0 || + if (sscanf(colptr, "%4d-%2d-%2d", &year, &month, &day) != 3 || year <= 0 || month <= 0 || month > 12 || day < 0 || day > 31 || ((month == 4 || month == 6 || month == 9 || month == 11) && day == 31) || (month == 2 && year % 400 == 0 && day > 29) || @@ -484,7 +484,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_TYPE_TIME: { int hour = 0, minute = 0, second = 0; - int count = sscanf(colptr, "%d:%d:%d", &hour, &minute, &second); + int count = sscanf(colptr, "%2d:%2d:%2d", &hour, &minute, &second); if ((count != 2 && count != 3) || hour < 0 || hour > 23 || minute < 0 || minute > 59 || second < 0 || second > 59) { ast_log(LOG_WARNING, "CDR variable %s is not a valid time ('%s').\n", entry->name, colptr); @@ -500,7 +500,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_TIMESTAMP: { int year = 0, month = 0, day = 0, hour = 0, minute = 0, second = 0; - int count = sscanf(colptr, "%d-%d-%d %d:%d:%d", &year, &month, &day, &hour, &minute, &second); + int count = sscanf(colptr, "%4d-%2d-%2d %2d:%2d:%2d", &year, &month, &day, &hour, &minute, &second); if ((count != 3 && count != 5 && count != 6) || year <= 0 || month <= 0 || month > 12 || day < 0 || day > 31 || @@ -526,7 +526,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_INTEGER: { int integer = 0; - if (sscanf(colptr, "%d", &integer) != 1) { + if (sscanf(colptr, "%30d", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); continue; } @@ -539,7 +539,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_BIGINT: { long long integer = 0; - if (sscanf(colptr, "%lld", &integer) != 1) { + if (sscanf(colptr, "%30lld", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); continue; } @@ -552,7 +552,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_SMALLINT: { short integer = 0; - if (sscanf(colptr, "%hd", &integer) != 1) { + if (sscanf(colptr, "%30hd", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); continue; } @@ -565,7 +565,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_TINYINT: { char integer = 0; - if (sscanf(colptr, "%hhd", &integer) != 1) { + if (sscanf(colptr, "%30hhd", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); continue; } @@ -578,7 +578,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_BIT: { char integer = 0; - if (sscanf(colptr, "%hhd", &integer) != 1) { + if (sscanf(colptr, "%30hhd", &integer) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name); continue; } @@ -594,7 +594,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_DECIMAL: { double number = 0.0; - if (sscanf(colptr, "%lf", &number) != 1) { + if (sscanf(colptr, "%30lf", &number) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an numeric type.\n", entry->name); continue; } @@ -609,7 +609,7 @@ static int odbc_log(struct ast_cdr *cdr) case SQL_DOUBLE: { double number = 0.0; - if (sscanf(colptr, "%lf", &number) != 1) { + if (sscanf(colptr, "%30lf", &number) != 1) { ast_log(LOG_WARNING, "CDR variable %s is not an numeric type.\n", entry->name); continue; } -- cgit v1.2.3