From d1ec1aa57d296243d584ad268d8e61d7d1998569 Mon Sep 17 00:00:00 2001
From: tilghman <tilghman@f38db490-d61c-443f-a65b-d21fe96a405b>
Date: Mon, 10 Aug 2009 19:20:57 +0000
Subject: AST-2009-005

git-svn-id: http://svn.digium.com/svn/asterisk/trunk@211539 f38db490-d61c-443f-a65b-d21fe96a405b
---
 doc/CODING-GUIDELINES | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'doc')

diff --git a/doc/CODING-GUIDELINES b/doc/CODING-GUIDELINES
index c81ca5c6b..8fb213e13 100644
--- a/doc/CODING-GUIDELINES
+++ b/doc/CODING-GUIDELINES
@@ -412,6 +412,17 @@ you wish to put into it (even if you did not allocate the buffer yourself),
 use a direct strcpy(), as it can be inlined and optimized to simple
 processor operations, unlike ast_copy_string().
 
+* String conversions
+--------------------
+
+When converting from strings to integers or floats, use the sscanf function
+in preference to the atoi and atof family of functions, as sscanf detects
+errors.  Always check the return value of sscanf to verify that your numeric
+variables successfully scanned before using them.  Also, to avoid a potential
+libc bug, always specify a maximum width for each format specifier, including
+integers and floats.  A good length for both integers and floats is 30, as
+this is more than generous, even if you're using doubles or long integers.
+
 * Use of functions
 ------------------
 
-- 
cgit v1.2.3