From d69c554bf4ab96d713b9f58fb22ea449cfd5901b Mon Sep 17 00:00:00 2001 From: tilghman Date: Mon, 10 Aug 2009 19:36:38 +0000 Subject: AST-2009-005 git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.6.2@211580 f38db490-d61c-443f-a65b-d21fe96a405b --- main/acl.c | 6 +++--- main/asterisk.c | 24 ++++++++++++------------ main/cdr.c | 4 ++-- main/channel.c | 4 ++-- main/cli.c | 2 +- main/config.c | 2 +- main/dnsmgr.c | 2 +- main/dsp.c | 2 +- main/enum.c | 2 +- main/features.c | 26 +++++++++++++------------- main/frame.c | 2 +- main/http.c | 6 +++--- main/indications.c | 24 ++++++++++++------------ main/manager.c | 10 +++++----- main/netsock.c | 2 +- main/pbx.c | 16 ++++++++-------- main/timing.c | 2 +- main/utils.c | 4 ++-- 18 files changed, 70 insertions(+), 70 deletions(-) (limited to 'main') diff --git a/main/acl.c b/main/acl.c index 3484c71db..fea76a62b 100644 --- a/main/acl.c +++ b/main/acl.c @@ -297,7 +297,7 @@ struct ast_ha *ast_append_ha(const char *sense, const char *stuff, struct ast_ha nm++; if (!strchr(nm, '.')) { - if ((sscanf(nm, "%d", &x) == 1) && (x >= 0) && (x <= 32)) { + if ((sscanf(nm, "%30d", &x) == 1) && (x >= 0) && (x <= 32)) { ha->netmask.s_addr = htonl(0xFFFFFFFF << (32 - x)); } else { ast_log(LOG_WARNING, "Invalid CIDR in %s\n", stuff); @@ -423,7 +423,7 @@ int ast_str2cos(const char *value, unsigned int *cos) { int fval; - if (sscanf(value, "%d", &fval) == 1) { + if (sscanf(value, "%30d", &fval) == 1) { if (fval < 8) { *cos = fval; return 0; @@ -438,7 +438,7 @@ int ast_str2tos(const char *value, unsigned int *tos) int fval; unsigned int x; - if (sscanf(value, "%i", &fval) == 1) { + if (sscanf(value, "%30i", &fval) == 1) { *tos = fval & 0xFF; return 0; } diff --git a/main/asterisk.c b/main/asterisk.c index adcd41238..a6f0e57f6 100644 --- a/main/asterisk.c +++ b/main/asterisk.c @@ -1391,7 +1391,7 @@ static int ast_makesocket(void) if (!ast_strlen_zero(ast_config_AST_CTL_PERMISSIONS)) { int p1; mode_t p; - sscanf(ast_config_AST_CTL_PERMISSIONS, "%o", &p1); + sscanf(ast_config_AST_CTL_PERMISSIONS, "%30o", &p1); p = p1; if ((chmod(ast_config_AST_SOCKET, p)) < 0) ast_log(LOG_WARNING, "Unable to change file permissions of %s: %s\n", ast_config_AST_SOCKET, strerror(errno)); @@ -2194,10 +2194,10 @@ static char *cli_prompt(EditLine *editline) switch (*t) { case 'C': /* color */ t++; - if (sscanf(t, "%d;%d%n", &fgcolor, &bgcolor, &i) == 2) { + if (sscanf(t, "%30d;%30d%n", &fgcolor, &bgcolor, &i) == 2) { ast_str_append(&prompt, 0, "%s", term_color_code(term_code, fgcolor, bgcolor, sizeof(term_code))); t += i - 1; - } else if (sscanf(t, "%d%n", &fgcolor, &i) == 1) { + } else if (sscanf(t, "%30d%n", &fgcolor, &i) == 1) { ast_str_append(&prompt, 0, "%s", term_color_code(term_code, fgcolor, 0, sizeof(term_code))); t += i - 1; } @@ -2238,7 +2238,7 @@ static char *cli_prompt(EditLine *editline) #ifdef HAVE_GETLOADAVG case 'l': /* load avg */ t++; - if (sscanf(t, "%d", &which) == 1 && which > 0 && which <= 3) { + if (sscanf(t, "%30d", &which) == 1 && which > 0 && which <= 3) { double list[3]; getloadavg(list, 3); ast_str_append(&prompt, 0, "%.2f", list[which - 1]); @@ -2880,7 +2880,7 @@ static void ast_readconfig(void) /* debug level (-d at startup) */ } else if (!strcasecmp(v->name, "debug")) { option_debug = 0; - if (sscanf(v->value, "%d", &option_debug) != 1) { + if (sscanf(v->value, "%30d", &option_debug) != 1) { option_debug = ast_true(v->value); } #if HAVE_WORKING_FORK @@ -2928,7 +2928,7 @@ static void ast_readconfig(void) } else if (!strcasecmp(v->name, "internal_timing")) { ast_set2_flag(&ast_options, ast_true(v->value), AST_OPT_FLAG_INTERNAL_TIMING); } else if (!strcasecmp(v->name, "maxcalls")) { - if ((sscanf(v->value, "%d", &option_maxcalls) != 1) || (option_maxcalls < 0)) { + if ((sscanf(v->value, "%30d", &option_maxcalls) != 1) || (option_maxcalls < 0)) { option_maxcalls = 0; } } else if (!strcasecmp(v->name, "maxload")) { @@ -2937,7 +2937,7 @@ static void ast_readconfig(void) if (getloadavg(test, 1) == -1) { ast_log(LOG_ERROR, "Cannot obtain load average on this system. 'maxload' option disabled.\n"); option_maxload = 0.0; - } else if ((sscanf(v->value, "%lf", &option_maxload) != 1) || (option_maxload < 0.0)) { + } else if ((sscanf(v->value, "%30lf", &option_maxload) != 1) || (option_maxload < 0.0)) { option_maxload = 0.0; } /* Set the maximum amount of open files */ @@ -2979,7 +2979,7 @@ static void ast_readconfig(void) } else if (!strcasecmp(v->name, "minmemfree")) { /* specify the minimum amount of free memory to retain. Asterisk should stop accepting new calls * if the amount of free memory falls below this watermark */ - if ((sscanf(v->value, "%ld", &option_minmemfree) != 1) || (option_minmemfree < 0)) { + if ((sscanf(v->value, "%30ld", &option_minmemfree) != 1) || (option_minmemfree < 0)) { option_minmemfree = 0; } #endif @@ -3000,7 +3000,7 @@ static void ast_readconfig(void) } for (v = ast_variable_browse(cfg, "compat"); v; v = v->next) { float version; - if (sscanf(v->value, "%f", &version) != 1) { + if (sscanf(v->value, "%30f", &version) != 1) { ast_log(LOG_WARNING, "Compatibility version for option '%s' is not a number: '%s'\n", v->name, v->value); continue; } @@ -3144,7 +3144,7 @@ int main(int argc, char *argv[]) switch (c) { #if defined(HAVE_SYSINFO) case 'e': - if ((sscanf(&optarg[1], "%ld", &option_minmemfree) != 1) || (option_minmemfree < 0)) { + if ((sscanf(&optarg[1], "%30ld", &option_minmemfree) != 1) || (option_minmemfree < 0)) { option_minmemfree = 0; } break; @@ -3184,11 +3184,11 @@ int main(int argc, char *argv[]) ast_set_flag(&ast_options, AST_OPT_FLAG_MUTE); break; case 'M': - if ((sscanf(optarg, "%d", &option_maxcalls) != 1) || (option_maxcalls < 0)) + if ((sscanf(optarg, "%30d", &option_maxcalls) != 1) || (option_maxcalls < 0)) option_maxcalls = 0; break; case 'L': - if ((sscanf(optarg, "%lf", &option_maxload) != 1) || (option_maxload < 0.0)) + if ((sscanf(optarg, "%30lf", &option_maxload) != 1) || (option_maxload < 0.0)) option_maxload = 0.0; break; case 'q': diff --git a/main/cdr.c b/main/cdr.c index 7011e32d5..4c03c8eb1 100644 --- a/main/cdr.c +++ b/main/cdr.c @@ -1448,7 +1448,7 @@ static int do_reload(int reload) batchsafeshutdown = ast_true(batchsafeshutdown_value); } if ((size_value = ast_variable_retrieve(config, "general", "size"))) { - if (sscanf(size_value, "%d", &cfg_size) < 1) + if (sscanf(size_value, "%30d", &cfg_size) < 1) ast_log(LOG_WARNING, "Unable to convert '%s' to a numeric value.\n", size_value); else if (cfg_size < 0) ast_log(LOG_WARNING, "Invalid maximum batch size '%d' specified, using default\n", cfg_size); @@ -1456,7 +1456,7 @@ static int do_reload(int reload) batchsize = cfg_size; } if ((time_value = ast_variable_retrieve(config, "general", "time"))) { - if (sscanf(time_value, "%d", &cfg_time) < 1) + if (sscanf(time_value, "%30d", &cfg_time) < 1) ast_log(LOG_WARNING, "Unable to convert '%s' to a numeric value.\n", time_value); else if (cfg_time < 0) ast_log(LOG_WARNING, "Invalid maximum batch time '%d' specified, using default\n", cfg_time); diff --git a/main/channel.c b/main/channel.c index 8d9bf01c3..c14c154fd 100644 --- a/main/channel.c +++ b/main/channel.c @@ -5400,9 +5400,9 @@ ast_group_t ast_get_group(const char *s) c = ast_strdupa(s); while ((piece = strsep(&c, ","))) { - if (sscanf(piece, "%d-%d", &start, &finish) == 2) { + if (sscanf(piece, "%30d-%30d", &start, &finish) == 2) { /* Range */ - } else if (sscanf(piece, "%d", &start)) { + } else if (sscanf(piece, "%30d", &start)) { /* Just one */ finish = start; } else { diff --git a/main/cli.c b/main/cli.c index f72948339..1ad4a76c3 100644 --- a/main/cli.c +++ b/main/cli.c @@ -444,7 +444,7 @@ static char *handle_verbose(struct ast_cli_entry *e, int cmd, struct ast_cli_arg atleast = 1; if (argc != e->args + atleast + 1 && argc != e->args + atleast + 2) return CLI_SHOWUSAGE; - if (sscanf(argv[e->args + atleast], "%d", &newlevel) != 1) + if (sscanf(argv[e->args + atleast], "%30d", &newlevel) != 1) return CLI_SHOWUSAGE; if (argc == e->args + atleast + 2) { unsigned int debug = (*what == 'C'); diff --git a/main/config.c b/main/config.c index 83adee0a4..5cfb67d91 100644 --- a/main/config.c +++ b/main/config.c @@ -364,7 +364,7 @@ void ast_variable_insert(struct ast_category *category, struct ast_variable *var int lineno; int insertline; - if (!variable || sscanf(line, "%d", &insertline) != 1) { + if (!variable || sscanf(line, "%30d", &insertline) != 1) { return; } if (!insertline) { diff --git a/main/dnsmgr.c b/main/dnsmgr.c index 54d9467ee..a7bc9f58a 100644 --- a/main/dnsmgr.c +++ b/main/dnsmgr.c @@ -394,7 +394,7 @@ static int do_reload(int loading) enabled = ast_true(enabled_value); } if ((interval_value = ast_variable_retrieve(config, "general", "refreshinterval"))) { - if (sscanf(interval_value, "%d", &interval) < 1) + if (sscanf(interval_value, "%30d", &interval) < 1) ast_log(LOG_WARNING, "Unable to convert '%s' to a numeric value.\n", interval_value); else if (interval < 0) ast_log(LOG_WARNING, "Invalid refresh interval '%d' specified, using default\n", interval); diff --git a/main/dsp.c b/main/dsp.c index 6c0b013e4..1ddfe967f 100644 --- a/main/dsp.c +++ b/main/dsp.c @@ -1677,7 +1677,7 @@ static int _dsp_init(int reload) const char *value; value = ast_variable_retrieve(cfg, "default", "silencethreshold"); - if (value && sscanf(value, "%d", &thresholds[THRESHOLD_SILENCE]) != 1) { + if (value && sscanf(value, "%30d", &thresholds[THRESHOLD_SILENCE]) != 1) { ast_log(LOG_WARNING, "%s: '%s' is not a valid silencethreshold value\n", CONFIG_FILE_NAME, value); thresholds[THRESHOLD_SILENCE] = 256; } else if (!value) { diff --git a/main/enum.c b/main/enum.c index 959f9aab5..cede37764 100644 --- a/main/enum.c +++ b/main/enum.c @@ -114,7 +114,7 @@ static int cclen(const char *number) strncpy(digits, number, 2); - if (!sscanf(digits, "%d", &cc)) { + if (!sscanf(digits, "%30d", &cc)) { return 0; } diff --git a/main/features.c b/main/features.c index 392fe2a47..6adde2cb9 100644 --- a/main/features.c +++ b/main/features.c @@ -601,7 +601,7 @@ static struct parkeduser *park_space_reserve(struct ast_channel *chan, * limitation here. If extout was not numeric, we could permit * arbitrary non-numeric extensions. */ - if (sscanf(parkingexten, "%d", &parking_space) != 1 || parking_space < 0) { + if (sscanf(parkingexten, "%30d", &parking_space) != 1 || parking_space < 0) { AST_LIST_UNLOCK(&parkinglot->parkings); parkinglot_unref(parkinglot); free(pu); @@ -3269,7 +3269,7 @@ static int park_call_exec(struct ast_channel *chan, void *data) if (parse) { if (!ast_strlen_zero(app_args.timeout)) { - if (sscanf(app_args.timeout, "%d", &args.timeout) != 1) { + if (sscanf(app_args.timeout, "%30d", &args.timeout) != 1) { ast_log(LOG_WARNING, "Invalid timeout '%s' provided\n", app_args.timeout); args.timeout = 0; } @@ -3281,7 +3281,7 @@ static int park_call_exec(struct ast_channel *chan, void *data) args.return_ext = app_args.return_ext; } if (!ast_strlen_zero(app_args.return_pri)) { - if (sscanf(app_args.return_pri, "%d", &args.return_pri) != 1) { + if (sscanf(app_args.return_pri, "%30d", &args.return_pri) != 1) { ast_log(LOG_WARNING, "Invalid priority '%s' specified\n", app_args.return_pri); args.return_pri = 0; } @@ -3549,13 +3549,13 @@ static struct ast_parkinglot *build_parkinglot(char *name, struct ast_variable * if (!strcasecmp(confvar->name, "context")) { ast_copy_string(parkinglot->parking_con, confvar->value, sizeof(parkinglot->parking_con)); } else if (!strcasecmp(confvar->name, "parkingtime")) { - if ((sscanf(confvar->value, "%d", &parkinglot->parkingtime) != 1) || (parkinglot->parkingtime < 1)) { + if ((sscanf(confvar->value, "%30d", &parkinglot->parkingtime) != 1) || (parkinglot->parkingtime < 1)) { ast_log(LOG_WARNING, "%s is not a valid parkingtime\n", confvar->value); parkinglot->parkingtime = DEFAULT_PARK_TIME; } else parkinglot->parkingtime = parkinglot->parkingtime * 1000; } else if (!strcasecmp(confvar->name, "parkpos")) { - if (sscanf(confvar->value, "%d-%d", &start, &end) != 2) { + if (sscanf(confvar->value, "%30d-%30d", &start, &end) != 2) { ast_log(LOG_WARNING, "Format for parking positions is a-b, where a and b are numbers at line %d of parking.conf\n", confvar->lineno); error = 1; } else { @@ -3719,13 +3719,13 @@ static int load_config(void) } else if (!strcasecmp(var->name, "context")) { ast_copy_string(default_parkinglot->parking_con, var->value, sizeof(default_parkinglot->parking_con)); } else if (!strcasecmp(var->name, "parkingtime")) { - if ((sscanf(var->value, "%d", &default_parkinglot->parkingtime) != 1) || (default_parkinglot->parkingtime < 1)) { + if ((sscanf(var->value, "%30d", &default_parkinglot->parkingtime) != 1) || (default_parkinglot->parkingtime < 1)) { ast_log(LOG_WARNING, "%s is not a valid parkingtime\n", var->value); default_parkinglot->parkingtime = DEFAULT_PARK_TIME; } else default_parkinglot->parkingtime = default_parkinglot->parkingtime * 1000; } else if (!strcasecmp(var->name, "parkpos")) { - if (sscanf(var->value, "%d-%d", &start, &end) != 2) { + if (sscanf(var->value, "%30d-%30d", &start, &end) != 2) { ast_log(LOG_WARNING, "Format for parking positions is a-b, where a and b are numbers at line %d of features.conf\n", var->lineno); } else if (default_parkinglot) { default_parkinglot->parking_start = start; @@ -3768,24 +3768,24 @@ static int load_config(void) } else if (!strcasecmp(var->name, "adsipark")) { adsipark = ast_true(var->value); } else if (!strcasecmp(var->name, "transferdigittimeout")) { - if ((sscanf(var->value, "%d", &transferdigittimeout) != 1) || (transferdigittimeout < 1)) { + if ((sscanf(var->value, "%30d", &transferdigittimeout) != 1) || (transferdigittimeout < 1)) { ast_log(LOG_WARNING, "%s is not a valid transferdigittimeout\n", var->value); transferdigittimeout = DEFAULT_TRANSFER_DIGIT_TIMEOUT; } else transferdigittimeout = transferdigittimeout * 1000; } else if (!strcasecmp(var->name, "featuredigittimeout")) { - if ((sscanf(var->value, "%d", &featuredigittimeout) != 1) || (featuredigittimeout < 1)) { + if ((sscanf(var->value, "%30d", &featuredigittimeout) != 1) || (featuredigittimeout < 1)) { ast_log(LOG_WARNING, "%s is not a valid featuredigittimeout\n", var->value); featuredigittimeout = DEFAULT_FEATURE_DIGIT_TIMEOUT; } } else if (!strcasecmp(var->name, "atxfernoanswertimeout")) { - if ((sscanf(var->value, "%d", &atxfernoanswertimeout) != 1) || (atxfernoanswertimeout < 1)) { + if ((sscanf(var->value, "%30d", &atxfernoanswertimeout) != 1) || (atxfernoanswertimeout < 1)) { ast_log(LOG_WARNING, "%s is not a valid atxfernoanswertimeout\n", var->value); atxfernoanswertimeout = DEFAULT_NOANSWER_TIMEOUT_ATTENDED_TRANSFER; } else atxfernoanswertimeout = atxfernoanswertimeout * 1000; } else if (!strcasecmp(var->name, "atxferloopdelay")) { - if ((sscanf(var->value, "%u", &atxferloopdelay) != 1)) { + if ((sscanf(var->value, "%30u", &atxferloopdelay) != 1)) { ast_log(LOG_WARNING, "%s is not a valid atxferloopdelay\n", var->value); atxferloopdelay = DEFAULT_ATXFER_LOOP_DELAY; } else @@ -3793,7 +3793,7 @@ static int load_config(void) } else if (!strcasecmp(var->name, "atxferdropcall")) { atxferdropcall = ast_true(var->value); } else if (!strcasecmp(var->name, "atxfercallbackretries")) { - if ((sscanf(var->value, "%u", &atxferloopdelay) != 1)) { + if ((sscanf(var->value, "%30u", &atxferloopdelay) != 1)) { ast_log(LOG_WARNING, "%s is not a valid atxfercallbackretries\n", var->value); atxfercallbackretries = DEFAULT_ATXFER_CALLBACK_RETRIES; } @@ -4404,7 +4404,7 @@ static int manager_park(struct mansession *s, const struct message *m) } if (!ast_strlen_zero(timeout)) { - sscanf(timeout, "%d", &to); + sscanf(timeout, "%30d", &to); } res = ast_masq_park_call(ch1, ch2, to, &parkExt); diff --git a/main/frame.c b/main/frame.c index 163abe1d2..f58e6a9ed 100644 --- a/main/frame.c +++ b/main/frame.c @@ -735,7 +735,7 @@ static char *show_codec_n(struct ast_cli_entry *e, int cmd, struct ast_cli_args if (a->argc != 4) return CLI_SHOWUSAGE; - if (sscanf(a->argv[3],"%d",&codec) != 1) + if (sscanf(a->argv[3], "%30d", &codec) != 1) return CLI_SHOWUSAGE; for (i = 0; i < 32; i++) diff --git a/main/http.c b/main/http.c index 011c0893d..02be41910 100644 --- a/main/http.c +++ b/main/http.c @@ -137,10 +137,10 @@ static uint32_t manid_from_vars(struct ast_variable *sid) { while (sid && strcmp(sid->name, "mansession_id")) sid = sid->next; - - if (!sid || sscanf(sid->value, "%x", &mngid) != 1) + + if (!sid || sscanf(sid->value, "%30x", &mngid) != 1) return 0; - + return mngid; } diff --git a/main/indications.c b/main/indications.c index f0aba5ff3..b658e3f51 100644 --- a/main/indications.c +++ b/main/indications.c @@ -243,50 +243,50 @@ static struct ast_generator playtones = { int ast_tone_zone_part_parse(const char *s, struct ast_tone_zone_part *tone_data) { - if (sscanf(s, "%u+%u/%u", &tone_data->freq1, &tone_data->freq2, + if (sscanf(s, "%30u+%30u/%30u", &tone_data->freq1, &tone_data->freq2, &tone_data->time) == 3) { /* f1+f2/time format */ - } else if (sscanf(s, "%u+%u", &tone_data->freq1, &tone_data->freq2) == 2) { + } else if (sscanf(s, "%30u+%30u", &tone_data->freq1, &tone_data->freq2) == 2) { /* f1+f2 format */ tone_data->time = 0; - } else if (sscanf(s, "%u*%u/%u", &tone_data->freq1, &tone_data->freq2, + } else if (sscanf(s, "%30u*%30u/%30u", &tone_data->freq1, &tone_data->freq2, &tone_data->time) == 3) { /* f1*f2/time format */ tone_data->modulate = 1; - } else if (sscanf(s, "%u*%u", &tone_data->freq1, &tone_data->freq2) == 2) { + } else if (sscanf(s, "%30u*%30u", &tone_data->freq1, &tone_data->freq2) == 2) { /* f1*f2 format */ tone_data->time = 0; tone_data->modulate = 1; - } else if (sscanf(s, "%u/%u", &tone_data->freq1, &tone_data->time) == 2) { + } else if (sscanf(s, "%30u/%30u", &tone_data->freq1, &tone_data->time) == 2) { /* f1/time format */ tone_data->freq2 = 0; - } else if (sscanf(s, "%u", &tone_data->freq1) == 1) { + } else if (sscanf(s, "%30u", &tone_data->freq1) == 1) { /* f1 format */ tone_data->freq2 = 0; tone_data->time = 0; - } else if (sscanf(s, "M%u+M%u/%u", &tone_data->freq1, &tone_data->freq2, + } else if (sscanf(s, "M%30u+M%30u/%30u", &tone_data->freq1, &tone_data->freq2, &tone_data->time) == 3) { /* Mf1+Mf2/time format */ tone_data->midinote = 1; - } else if (sscanf(s, "M%u+M%u", &tone_data->freq1, &tone_data->freq2) == 2) { + } else if (sscanf(s, "M%30u+M%30u", &tone_data->freq1, &tone_data->freq2) == 2) { /* Mf1+Mf2 format */ tone_data->time = 0; tone_data->midinote = 1; - } else if (sscanf(s, "M%u*M%u/%u", &tone_data->freq1, &tone_data->freq2, + } else if (sscanf(s, "M%30u*M%30u/%30u", &tone_data->freq1, &tone_data->freq2, &tone_data->time) == 3) { /* Mf1*Mf2/time format */ tone_data->modulate = 1; tone_data->midinote = 1; - } else if (sscanf(s, "M%u*M%u", &tone_data->freq1, &tone_data->freq2) == 2) { + } else if (sscanf(s, "M%30u*M%30u", &tone_data->freq1, &tone_data->freq2) == 2) { /* Mf1*Mf2 format */ tone_data->time = 0; tone_data->modulate = 1; tone_data->midinote = 1; - } else if (sscanf(s, "M%u/%u", &tone_data->freq1, &tone_data->time) == 2) { + } else if (sscanf(s, "M%30u/%30u", &tone_data->freq1, &tone_data->time) == 2) { /* Mf1/time format */ tone_data->freq2 = -1; tone_data->midinote = 1; - } else if (sscanf(s, "M%u", &tone_data->freq1) == 1) { + } else if (sscanf(s, "M%30u", &tone_data->freq1) == 1) { /* Mf1 format */ tone_data->freq2 = -1; tone_data->time = 0; diff --git a/main/manager.c b/main/manager.c index 6114e6e46..fbf309183 100644 --- a/main/manager.c +++ b/main/manager.c @@ -1591,7 +1591,7 @@ static int action_waitevent(struct mansession *s, const struct message *m) idText[0] = '\0'; if (!ast_strlen_zero(timeouts)) { - sscanf(timeouts, "%i", &timeout); + sscanf(timeouts, "%30i", &timeout); if (timeout < -1) timeout = -1; /* XXX maybe put an upper bound, or prevent the use of 0 ? */ @@ -2077,7 +2077,7 @@ static int action_redirect(struct mansession *s, const struct message *m) astman_send_error(s, m, "Channel not specified"); return 0; } - if (!ast_strlen_zero(priority) && (sscanf(priority, "%d", &pi) != 1)) { + if (!ast_strlen_zero(priority) && (sscanf(priority, "%30d", &pi) != 1)) { if ((pi = ast_findlabel_extension(NULL, context, exten, priority, NULL)) < 1) { astman_send_error(s, m, "Invalid priority"); return 0; @@ -2398,13 +2398,13 @@ static int action_originate(struct mansession *s, const struct message *m) astman_send_error(s, m, "Channel not specified"); return 0; } - if (!ast_strlen_zero(priority) && (sscanf(priority, "%d", &pi) != 1)) { + if (!ast_strlen_zero(priority) && (sscanf(priority, "%30d", &pi) != 1)) { if ((pi = ast_findlabel_extension(NULL, context, exten, priority, NULL)) < 1) { astman_send_error(s, m, "Invalid priority"); return 0; } } - if (!ast_strlen_zero(timeout) && (sscanf(timeout, "%d", &to) != 1)) { + if (!ast_strlen_zero(timeout) && (sscanf(timeout, "%30d", &to) != 1)) { astman_send_error(s, m, "Invalid timeout"); return 0; } @@ -3793,7 +3793,7 @@ static struct ast_str *generic_http_callback(enum output_format format, for (v = params; v; v = v->next) { if (!strcasecmp(v->name, "mansession_id")) { - sscanf(v->value, "%x", &ident); + sscanf(v->value, "%30x", &ident); break; } } diff --git a/main/netsock.c b/main/netsock.c index 2bdf9ccd6..24c6f12b5 100644 --- a/main/netsock.c +++ b/main/netsock.c @@ -280,7 +280,7 @@ int ast_str_to_eid(struct ast_eid *eid, const char *s) unsigned int eid_int[6]; int x; - if (sscanf(s, "%x:%x:%x:%x:%x:%x", &eid_int[0], &eid_int[1], &eid_int[2], + if (sscanf(s, "%2x:%2x:%2x:%2x:%2x:%2x", &eid_int[0], &eid_int[1], &eid_int[2], &eid_int[3], &eid_int[4], &eid_int[5]) != 6) return -1; diff --git a/main/pbx.c b/main/pbx.c index ed1084886..e68d2b1a4 100644 --- a/main/pbx.c +++ b/main/pbx.c @@ -2788,7 +2788,7 @@ static int parse_variable_name(char *var, int *offset, int *length, int *isfunc) parens--; } else if (*var == ':' && parens == 0) { *var++ = '\0'; - sscanf(var, "%d:%d", offset, length); + sscanf(var, "%30d:%30d", offset, length); return 1; /* offset:length valid */ } } @@ -6767,7 +6767,7 @@ static int lookup_name(const char *s, char *const names[], int max) } /* Allow months and weekdays to be specified as numbers, as well */ - if (sscanf(s, "%d", &i) == 1 && i >= 1 && i <= max) { + if (sscanf(s, "%2d", &i) == 1 && i >= 1 && i <= max) { /* What the array offset would have been: "1" would be at offset 0 */ return i - 1; } @@ -6843,7 +6843,7 @@ static void get_timerange(struct ast_timing *i, char *times) /* Otherwise expect a range */ while ((part = strsep(×, "&"))) { if (!(endpart = strchr(part, '-'))) { - if (sscanf(part, "%d:%d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) { + if (sscanf(part, "%2d:%2d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) { ast_log(LOG_WARNING, "%s isn't a valid time.\n", part); continue; } @@ -6859,11 +6859,11 @@ static void get_timerange(struct ast_timing *i, char *times) ast_log(LOG_WARNING, "Invalid time range starting with '%s-'.\n", part); continue; } - if (sscanf(part, "%d:%d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) { + if (sscanf(part, "%2d:%2d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) { ast_log(LOG_WARNING, "'%s' isn't a valid start time.\n", part); continue; } - if (sscanf(endpart, "%d:%d", &endh, &endm) != 2 || endh < 0 || endh > 23 || endm < 0 || endm > 59) { + if (sscanf(endpart, "%2d:%2d", &endh, &endm) != 2 || endh < 0 || endh > 23 || endm < 0 || endm > 59) { ast_log(LOG_WARNING, "'%s' isn't a valid end time.\n", endpart); continue; } @@ -8397,7 +8397,7 @@ static void wait_for_hangup(struct ast_channel *chan, void *data) double waitsec; int waittime; - if (ast_strlen_zero(data) || (sscanf(data, "%lg", &waitsec) != 1) || (waitsec < 0)) + if (ast_strlen_zero(data) || (sscanf(data, "%30lg", &waitsec) != 1) || (waitsec < 0)) waitsec = -1; if (waitsec > -1) { waittime = waitsec * 1000.0; @@ -9149,7 +9149,7 @@ int pbx_checkcondition(const char *condition) int res; if (ast_strlen_zero(condition)) { /* NULL or empty strings are false */ return 0; - } else if (sscanf(condition, "%d", &res) == 1) { /* Numbers are evaluated for truth */ + } else if (sscanf(condition, "%30d", &res) == 1) { /* Numbers are evaluated for truth */ return res; } else { /* Strings are true */ return 1; @@ -9563,7 +9563,7 @@ static int pbx_parseable_goto(struct ast_channel *chan, const char *goto_string, mode = -1; pri++; } - if (sscanf(pri, "%d", &ipri) != 1) { + if (sscanf(pri, "%30d", &ipri) != 1) { if ((ipri = ast_findlabel_extension(chan, context ? context : chan->context, exten ? exten : chan->exten, pri, chan->cid.cid_num)) < 1) { ast_log(LOG_WARNING, "Priority '%s' must be a number > 0, or valid label\n", pri); diff --git a/main/timing.c b/main/timing.c index d0e6a6d24..ac23d42fa 100644 --- a/main/timing.c +++ b/main/timing.c @@ -229,7 +229,7 @@ static char *timing_test(struct ast_cli_entry *e, int cmd, struct ast_cli_args * if (a->argc == 3) { unsigned int rate; - if (sscanf(a->argv[2], "%u", &rate) == 1) { + if (sscanf(a->argv[2], "%30u", &rate) == 1) { test_rate = rate; } else { ast_cli(a->fd, "Invalid rate '%s', using default of %u\n", a->argv[2], test_rate); diff --git a/main/utils.c b/main/utils.c index 4f58b865f..c48cb12d0 100644 --- a/main/utils.c +++ b/main/utils.c @@ -1714,7 +1714,7 @@ int ast_get_timeval(const char *src, struct timeval *dst, struct timeval _defaul return -1; /* only integer at the moment, but one day we could accept more formats */ - if (sscanf(src, "%Lf%n", &dtv, &scanned) > 0) { + if (sscanf(src, "%30Lf%n", &dtv, &scanned) > 0) { dst->tv_sec = dtv; dst->tv_usec = (dtv - dst->tv_sec) * 1000000.0; if (consumed) @@ -1741,7 +1741,7 @@ int ast_get_time_t(const char *src, time_t *dst, time_t _default, int *consumed) return -1; /* only integer at the moment, but one day we could accept more formats */ - if (sscanf(src, "%ld%n", &t, &scanned) == 1) { + if (sscanf(src, "%30ld%n", &t, &scanned) == 1) { *dst = t; if (consumed) *consumed = scanned; -- cgit v1.2.3