From dbef80dfa2752f6306e45af841d5573ccfd14f03 Mon Sep 17 00:00:00 2001 From: tilghman Date: Mon, 10 Aug 2009 19:25:03 +0000 Subject: AST-2009-005 git-svn-id: http://svn.digium.com/svn/asterisk/branches/1.6.0@211551 f38db490-d61c-443f-a65b-d21fe96a405b --- main/acl.c | 12 ++++++------ main/asterisk.c | 26 +++++++++++++------------- main/cdr.c | 4 ++-- main/channel.c | 4 ++-- main/cli.c | 2 +- main/config.c | 2 +- main/dnsmgr.c | 2 +- main/features.c | 18 +++++++++--------- main/frame.c | 2 +- main/http.c | 10 +++++----- main/indications.c | 24 ++++++++++++------------ main/manager.c | 10 +++++----- main/pbx.c | 12 ++++++------ main/utils.c | 4 ++-- 14 files changed, 66 insertions(+), 66 deletions(-) (limited to 'main') diff --git a/main/acl.c b/main/acl.c index 54747de5f..731de5cc6 100644 --- a/main/acl.c +++ b/main/acl.c @@ -291,7 +291,7 @@ struct ast_ha *ast_append_ha(const char *sense, const char *stuff, struct ast_ha nm++; if (!strchr(nm, '.')) { - if ((sscanf(nm, "%d", &x) == 1) && (x >= 0) && (x <= 32)) + if ((sscanf(nm, "%30d", &x) == 1) && (x >= 0) && (x <= 32)) ha->netmask.s_addr = htonl(0xFFFFFFFF << (32 - x)); else { ast_log(LOG_WARNING, "Invalid CIDR in %s\n", stuff); @@ -413,14 +413,14 @@ static const struct dscp_codepoint dscp_pool1[] = { int ast_str2cos(const char *value, unsigned int *cos) { int fval; - - if (sscanf(value, "%d", &fval) == 1) { + + if (sscanf(value, "%30d", &fval) == 1) { if (fval < 8) { - *cos = fval; + *cos = fval; return 0; } } - + return -1; } @@ -429,7 +429,7 @@ int ast_str2tos(const char *value, unsigned int *tos) int fval; unsigned int x; - if (sscanf(value, "%i", &fval) == 1) { + if (sscanf(value, "%30i", &fval) == 1) { *tos = fval & 0xFF; return 0; } diff --git a/main/asterisk.c b/main/asterisk.c index c6f8ceec8..2e3fb7260 100644 --- a/main/asterisk.c +++ b/main/asterisk.c @@ -1164,7 +1164,7 @@ static int ast_makesocket(void) if (!ast_strlen_zero(ast_config_AST_CTL_PERMISSIONS)) { int p1; mode_t p; - sscanf(ast_config_AST_CTL_PERMISSIONS, "%o", &p1); + sscanf(ast_config_AST_CTL_PERMISSIONS, "%30o", &p1); p = p1; if ((chmod(ast_config_AST_SOCKET, p)) < 0) ast_log(LOG_WARNING, "Unable to change file permissions of %s: %s\n", ast_config_AST_SOCKET, strerror(errno)); @@ -2024,10 +2024,10 @@ static char *cli_prompt(EditLine *el) switch (*t) { case 'C': /* color */ t++; - if (sscanf(t, "%d;%d%n", &fgcolor, &bgcolor, &i) == 2) { + if (sscanf(t, "%30d;%30d%n", &fgcolor, &bgcolor, &i) == 2) { strncat(p, term_color_code(term_code, fgcolor, bgcolor, sizeof(term_code)),sizeof(prompt) - strlen(prompt) - 1); t += i - 1; - } else if (sscanf(t, "%d%n", &fgcolor, &i) == 1) { + } else if (sscanf(t, "%30d%n", &fgcolor, &i) == 1) { strncat(p, term_color_code(term_code, fgcolor, 0, sizeof(term_code)),sizeof(prompt) - strlen(prompt) - 1); t += i - 1; } @@ -2064,13 +2064,13 @@ static char *cli_prompt(EditLine *el) float avg1, avg2, avg3; int actproc, totproc, npid, which; - if (fscanf(LOADAVG, "%f %f %f %d/%d %d", + if (fscanf(LOADAVG, "%30f %30f %30f %30d/%30d %30d", &avg1, &avg2, &avg3, &actproc, &totproc, &npid) != 6) { ast_log(LOG_WARNING, "parsing /proc/loadavg failed\n"); fclose(LOADAVG); break; } - if (sscanf(t, "%d", &which) == 1) { + if (sscanf(t, "%1d", &which) == 1) { switch (which) { case 1: snprintf(p, sizeof(prompt) - strlen(prompt), "%.2f", avg1); @@ -2722,7 +2722,7 @@ static void ast_readconfig(void) /* debug level (-d at startup) */ } else if (!strcasecmp(v->name, "debug")) { option_debug = 0; - if (sscanf(v->value, "%d", &option_debug) != 1) { + if (sscanf(v->value, "%30d", &option_debug) != 1) { option_debug = ast_true(v->value); } #if HAVE_WORKING_FORK @@ -2770,7 +2770,7 @@ static void ast_readconfig(void) } else if (!strcasecmp(v->name, "internal_timing")) { ast_set2_flag(&ast_options, ast_true(v->value), AST_OPT_FLAG_INTERNAL_TIMING); } else if (!strcasecmp(v->name, "maxcalls")) { - if ((sscanf(v->value, "%d", &option_maxcalls) != 1) || (option_maxcalls < 0)) { + if ((sscanf(v->value, "%30d", &option_maxcalls) != 1) || (option_maxcalls < 0)) { option_maxcalls = 0; } } else if (!strcasecmp(v->name, "maxload")) { @@ -2779,7 +2779,7 @@ static void ast_readconfig(void) if (getloadavg(test, 1) == -1) { ast_log(LOG_ERROR, "Cannot obtain load average on this system. 'maxload' option disabled.\n"); option_maxload = 0.0; - } else if ((sscanf(v->value, "%lf", &option_maxload) != 1) || (option_maxload < 0.0)) { + } else if ((sscanf(v->value, "%30lf", &option_maxload) != 1) || (option_maxload < 0.0)) { option_maxload = 0.0; } /* Set the maximum amount of open files */ @@ -2821,7 +2821,7 @@ static void ast_readconfig(void) } else if (!strcasecmp(v->name, "minmemfree")) { /* specify the minimum amount of free memory to retain. Asterisk should stop accepting new calls * if the amount of free memory falls below this watermark */ - if ((sscanf(v->value, "%ld", &option_minmemfree) != 1) || (option_minmemfree < 0)) { + if ((sscanf(v->value, "%30ld", &option_minmemfree) != 1) || (option_minmemfree < 0)) { option_minmemfree = 0; } #endif @@ -2829,7 +2829,7 @@ static void ast_readconfig(void) } for (v = ast_variable_browse(cfg, "compat"); v; v = v->next) { float version; - if (sscanf(v->value, "%f", &version) != 1) { + if (sscanf(v->value, "%30f", &version) != 1) { ast_log(LOG_WARNING, "Compatibility version for option '%s' is not a number: '%s'\n", v->name, v->value); continue; } @@ -2969,7 +2969,7 @@ int main(int argc, char *argv[]) switch (c) { #if defined(HAVE_SYSINFO) case 'e': - if ((sscanf(&optarg[1], "%ld", &option_minmemfree) != 1) || (option_minmemfree < 0)) { + if ((sscanf(&optarg[1], "%30ld", &option_minmemfree) != 1) || (option_minmemfree < 0)) { option_minmemfree = 0; } break; @@ -3009,11 +3009,11 @@ int main(int argc, char *argv[]) ast_set_flag(&ast_options, AST_OPT_FLAG_MUTE); break; case 'M': - if ((sscanf(optarg, "%d", &option_maxcalls) != 1) || (option_maxcalls < 0)) + if ((sscanf(optarg, "%30d", &option_maxcalls) != 1) || (option_maxcalls < 0)) option_maxcalls = 0; break; case 'L': - if ((sscanf(optarg, "%lf", &option_maxload) != 1) || (option_maxload < 0.0)) + if ((sscanf(optarg, "%30lf", &option_maxload) != 1) || (option_maxload < 0.0)) option_maxload = 0.0; break; case 'q': diff --git a/main/cdr.c b/main/cdr.c index 155214242..1ed12214b 100644 --- a/main/cdr.c +++ b/main/cdr.c @@ -1439,7 +1439,7 @@ static int do_reload(int reload) batchsafeshutdown = ast_true(batchsafeshutdown_value); } if ((size_value = ast_variable_retrieve(config, "general", "size"))) { - if (sscanf(size_value, "%d", &cfg_size) < 1) + if (sscanf(size_value, "%30d", &cfg_size) < 1) ast_log(LOG_WARNING, "Unable to convert '%s' to a numeric value.\n", size_value); else if (cfg_size < 0) ast_log(LOG_WARNING, "Invalid maximum batch size '%d' specified, using default\n", cfg_size); @@ -1447,7 +1447,7 @@ static int do_reload(int reload) batchsize = cfg_size; } if ((time_value = ast_variable_retrieve(config, "general", "time"))) { - if (sscanf(time_value, "%d", &cfg_time) < 1) + if (sscanf(time_value, "%30d", &cfg_time) < 1) ast_log(LOG_WARNING, "Unable to convert '%s' to a numeric value.\n", time_value); else if (cfg_time < 0) ast_log(LOG_WARNING, "Invalid maximum batch time '%d' specified, using default\n", cfg_time); diff --git a/main/channel.c b/main/channel.c index 05b98430b..bd34ead47 100644 --- a/main/channel.c +++ b/main/channel.c @@ -5344,9 +5344,9 @@ ast_group_t ast_get_group(const char *s) c = ast_strdupa(s); while ((piece = strsep(&c, ","))) { - if (sscanf(piece, "%d-%d", &start, &finish) == 2) { + if (sscanf(piece, "%30d-%30d", &start, &finish) == 2) { /* Range */ - } else if (sscanf(piece, "%d", &start)) { + } else if (sscanf(piece, "%30d", &start)) { /* Just one */ finish = start; } else { diff --git a/main/cli.c b/main/cli.c index 58e0cef5a..c1b4a62f2 100644 --- a/main/cli.c +++ b/main/cli.c @@ -296,7 +296,7 @@ static char *handle_verbose(struct ast_cli_entry *e, int cmd, struct ast_cli_arg atleast = 1; if (argc != e->args + atleast && argc != e->args + atleast + 1) return CLI_SHOWUSAGE; - if (sscanf(argv[e->args + atleast - 1], "%d", &newlevel) != 1) + if (sscanf(argv[e->args + atleast - 1], "%30d", &newlevel) != 1) return CLI_SHOWUSAGE; if (argc == e->args + atleast + 1) { unsigned int debug = (*what == 'C'); diff --git a/main/config.c b/main/config.c index dd8ad66f0..c79b0ef23 100644 --- a/main/config.c +++ b/main/config.c @@ -343,7 +343,7 @@ void ast_variable_insert(struct ast_category *category, struct ast_variable *var int lineno; int insertline; - if (!variable || sscanf(line, "%d", &insertline) != 1) + if (!variable || sscanf(line, "%30d", &insertline) != 1) return; if (!insertline) { variable->next = category->root; diff --git a/main/dnsmgr.c b/main/dnsmgr.c index 2c1d8f943..6f16ae667 100644 --- a/main/dnsmgr.c +++ b/main/dnsmgr.c @@ -392,7 +392,7 @@ static int do_reload(int loading) enabled = ast_true(enabled_value); } if ((interval_value = ast_variable_retrieve(config, "general", "refreshinterval"))) { - if (sscanf(interval_value, "%d", &interval) < 1) + if (sscanf(interval_value, "%30d", &interval) < 1) ast_log(LOG_WARNING, "Unable to convert '%s' to a numeric value.\n", interval_value); else if (interval < 0) ast_log(LOG_WARNING, "Invalid refresh interval '%d' specified, using default\n", interval); diff --git a/main/features.c b/main/features.c index 4c39db39a..5cd78b95a 100644 --- a/main/features.c +++ b/main/features.c @@ -438,7 +438,7 @@ static struct parkeduser *park_space_reserve(struct ast_channel *chan) * limitation here. If extout was not numeric, we could permit * arbitrary non-numeric extensions. */ - if (sscanf(parkingexten, "%d", &parking_space) != 1 || parking_space < 0) { + if (sscanf(parkingexten, "%30d", &parking_space) != 1 || parking_space < 0) { AST_LIST_UNLOCK(&parkinglot); ast_free(pu); ast_log(LOG_WARNING, "PARKINGEXTEN does not indicate a valid parking slot: '%s'.\n", parkingexten); @@ -3189,13 +3189,13 @@ static int load_config(void) } else if (!strcasecmp(var->name, "context")) { ast_copy_string(parking_con, var->value, sizeof(parking_con)); } else if (!strcasecmp(var->name, "parkingtime")) { - if ((sscanf(var->value, "%d", &parkingtime) != 1) || (parkingtime < 1)) { + if ((sscanf(var->value, "%30d", &parkingtime) != 1) || (parkingtime < 1)) { ast_log(LOG_WARNING, "%s is not a valid parkingtime\n", var->value); parkingtime = DEFAULT_PARK_TIME; } else parkingtime = parkingtime * 1000; } else if (!strcasecmp(var->name, "parkpos")) { - if (sscanf(var->value, "%d-%d", &start, &end) != 2) { + if (sscanf(var->value, "%30d-%30d", &start, &end) != 2) { ast_log(LOG_WARNING, "Format for parking positions is a-b, where a and b are numbers at line %d of features.conf\n", var->lineno); } else { parking_start = start; @@ -3236,24 +3236,24 @@ static int load_config(void) } else if (!strcasecmp(var->name, "adsipark")) { adsipark = ast_true(var->value); } else if (!strcasecmp(var->name, "transferdigittimeout")) { - if ((sscanf(var->value, "%d", &transferdigittimeout) != 1) || (transferdigittimeout < 1)) { + if ((sscanf(var->value, "%30d", &transferdigittimeout) != 1) || (transferdigittimeout < 1)) { ast_log(LOG_WARNING, "%s is not a valid transferdigittimeout\n", var->value); transferdigittimeout = DEFAULT_TRANSFER_DIGIT_TIMEOUT; } else transferdigittimeout = transferdigittimeout * 1000; } else if (!strcasecmp(var->name, "featuredigittimeout")) { - if ((sscanf(var->value, "%d", &featuredigittimeout) != 1) || (featuredigittimeout < 1)) { + if ((sscanf(var->value, "%30d", &featuredigittimeout) != 1) || (featuredigittimeout < 1)) { ast_log(LOG_WARNING, "%s is not a valid featuredigittimeout\n", var->value); featuredigittimeout = DEFAULT_FEATURE_DIGIT_TIMEOUT; } } else if (!strcasecmp(var->name, "atxfernoanswertimeout")) { - if ((sscanf(var->value, "%d", &atxfernoanswertimeout) != 1) || (atxfernoanswertimeout < 1)) { + if ((sscanf(var->value, "%30d", &atxfernoanswertimeout) != 1) || (atxfernoanswertimeout < 1)) { ast_log(LOG_WARNING, "%s is not a valid atxfernoanswertimeout\n", var->value); atxfernoanswertimeout = DEFAULT_NOANSWER_TIMEOUT_ATTENDED_TRANSFER; } else atxfernoanswertimeout = atxfernoanswertimeout * 1000; } else if (!strcasecmp(var->name, "atxferloopdelay")) { - if ((sscanf(var->value, "%u", &atxferloopdelay) != 1)) { + if ((sscanf(var->value, "%30u", &atxferloopdelay) != 1)) { ast_log(LOG_WARNING, "%s is not a valid atxferloopdelay\n", var->value); atxferloopdelay = DEFAULT_ATXFER_LOOP_DELAY; } else @@ -3261,7 +3261,7 @@ static int load_config(void) } else if (!strcasecmp(var->name, "atxferdropcall")) { atxferdropcall = ast_true(var->value); } else if (!strcasecmp(var->name, "atxfercallbackretries")) { - if ((sscanf(var->value, "%u", &atxferloopdelay) != 1)) { + if ((sscanf(var->value, "%30u", &atxferloopdelay) != 1)) { ast_log(LOG_WARNING, "%s is not a valid atxfercallbackretries\n", var->value); atxfercallbackretries = DEFAULT_ATXFER_CALLBACK_RETRIES; } @@ -3832,7 +3832,7 @@ static int manager_park(struct mansession *s, const struct message *m) } if (!ast_strlen_zero(timeout)) { - sscanf(timeout, "%d", &to); + sscanf(timeout, "%30d", &to); } res = ast_masq_park_call(ch1, ch2, to, &parkExt); diff --git a/main/frame.c b/main/frame.c index e73424aaa..6b5cd794d 100644 --- a/main/frame.c +++ b/main/frame.c @@ -729,7 +729,7 @@ static char *show_codec_n(struct ast_cli_entry *e, int cmd, struct ast_cli_args if (a->argc != 4) return CLI_SHOWUSAGE; - if (sscanf(a->argv[3],"%d",&codec) != 1) + if (sscanf(a->argv[3], "%30d", &codec) != 1) return CLI_SHOWUSAGE; for (i = 0; i < 32; i++) diff --git a/main/http.c b/main/http.c index 7a2002abb..7165fcee1 100644 --- a/main/http.c +++ b/main/http.c @@ -150,10 +150,10 @@ static uint32_t manid_from_vars(struct ast_variable *sid) { while (sid && strcmp(sid->name, "mansession_id")) sid = sid->next; - - if (!sid || sscanf(sid->value, "%x", &mngid) != 1) + + if (!sid || sscanf(sid->value, "%30x", &mngid) != 1) return 0; - + return mngid; } @@ -489,7 +489,7 @@ static struct ast_str *handle_post(struct ast_tcptls_session_instance *ser, char if (strcasecmp(var->name, "mansession_id")) continue; - if (sscanf(var->value, "%lx", &ident) != 1) { + if (sscanf(var->value, "%30lx", &ident) != 1) { *status = 400; *title = ast_strdup("Bad Request"); return ast_http_error(400, "Bad Request", NULL, "The was an error parsing the request."); @@ -514,7 +514,7 @@ static struct ast_str *handle_post(struct ast_tcptls_session_instance *ser, char for (var = headers; var; var = var->next) { if (!strcasecmp(var->name, "Content-Length")) { - if ((sscanf(var->value, "%u", &content_len)) != 1) { + if ((sscanf(var->value, "%30u", &content_len)) != 1) { ast_log(LOG_ERROR, "Invalid Content-Length in POST request!\n"); fclose(f); return NULL; diff --git a/main/indications.c b/main/indications.c index b575dff4d..fbaddad8f 100644 --- a/main/indications.c +++ b/main/indications.c @@ -239,46 +239,46 @@ int ast_playtones_start(struct ast_channel *chan, int vol, const char *playlst, s++; else if (d.reppos == -1) d.reppos = d.nitems; - if (sscanf(s, "%d+%d/%d", &freq1, &freq2, &time) == 3) { + if (sscanf(s, "%30d+%30d/%30d", &freq1, &freq2, &time) == 3) { /* f1+f2/time format */ - } else if (sscanf(s, "%d+%d", &freq1, &freq2) == 2) { + } else if (sscanf(s, "%30d+%30d", &freq1, &freq2) == 2) { /* f1+f2 format */ time = 0; - } else if (sscanf(s, "%d*%d/%d", &freq1, &freq2, &time) == 3) { + } else if (sscanf(s, "%30d*%30d/%30d", &freq1, &freq2, &time) == 3) { /* f1*f2/time format */ modulate = 1; - } else if (sscanf(s, "%d*%d", &freq1, &freq2) == 2) { + } else if (sscanf(s, "%30d*%30d", &freq1, &freq2) == 2) { /* f1*f2 format */ time = 0; modulate = 1; - } else if (sscanf(s, "%d/%d", &freq1, &time) == 2) { + } else if (sscanf(s, "%30d/%30d", &freq1, &time) == 2) { /* f1/time format */ freq2 = 0; - } else if (sscanf(s, "%d", &freq1) == 1) { + } else if (sscanf(s, "%30d", &freq1) == 1) { /* f1 format */ freq2 = 0; time = 0; - } else if (sscanf(s, "M%d+M%d/%d", &freq1, &freq2, &time) == 3) { + } else if (sscanf(s, "M%30d+M%30d/%30d", &freq1, &freq2, &time) == 3) { /* Mf1+Mf2/time format */ midinote = 1; - } else if (sscanf(s, "M%d+M%d", &freq1, &freq2) == 2) { + } else if (sscanf(s, "M%30d+M%30d", &freq1, &freq2) == 2) { /* Mf1+Mf2 format */ time = 0; midinote = 1; - } else if (sscanf(s, "M%d*M%d/%d", &freq1, &freq2, &time) == 3) { + } else if (sscanf(s, "M%30d*M%30d/%30d", &freq1, &freq2, &time) == 3) { /* Mf1*Mf2/time format */ modulate = 1; midinote = 1; - } else if (sscanf(s, "M%d*M%d", &freq1, &freq2) == 2) { + } else if (sscanf(s, "M%30d*M%30d", &freq1, &freq2) == 2) { /* Mf1*Mf2 format */ time = 0; modulate = 1; midinote = 1; - } else if (sscanf(s, "M%d/%d", &freq1, &time) == 2) { + } else if (sscanf(s, "M%30d/%30d", &freq1, &time) == 2) { /* Mf1/time format */ freq2 = -1; midinote = 1; - } else if (sscanf(s, "M%d", &freq1) == 1) { + } else if (sscanf(s, "M%30d", &freq1) == 1) { /* Mf1 format */ freq2 = -1; time = 0; diff --git a/main/manager.c b/main/manager.c index a3a63ee0c..23b4b80fc 100644 --- a/main/manager.c +++ b/main/manager.c @@ -1495,7 +1495,7 @@ static int action_waitevent(struct mansession *s, const struct message *m) idText[0] = '\0'; if (!ast_strlen_zero(timeouts)) { - sscanf(timeouts, "%i", &timeout); + sscanf(timeouts, "%30i", &timeout); if (timeout < -1) timeout = -1; /* XXX maybe put an upper bound, or prevent the use of 0 ? */ @@ -1939,7 +1939,7 @@ static int action_redirect(struct mansession *s, const struct message *m) astman_send_error(s, m, "Channel not specified"); return 0; } - if (!ast_strlen_zero(priority) && (sscanf(priority, "%d", &pi) != 1)) { + if (!ast_strlen_zero(priority) && (sscanf(priority, "%30d", &pi) != 1)) { if ((pi = ast_findlabel_extension(NULL, context, exten, priority, NULL)) < 1) { astman_send_error(s, m, "Invalid priority"); return 0; @@ -2203,13 +2203,13 @@ static int action_originate(struct mansession *s, const struct message *m) astman_send_error(s, m, "Channel not specified"); return 0; } - if (!ast_strlen_zero(priority) && (sscanf(priority, "%d", &pi) != 1)) { + if (!ast_strlen_zero(priority) && (sscanf(priority, "%30d", &pi) != 1)) { if ((pi = ast_findlabel_extension(NULL, context, exten, priority, NULL)) < 1) { astman_send_error(s, m, "Invalid priority"); return 0; } } - if (!ast_strlen_zero(timeout) && (sscanf(timeout, "%d", &to) != 1)) { + if (!ast_strlen_zero(timeout) && (sscanf(timeout, "%30d", &to) != 1)) { astman_send_error(s, m, "Invalid timeout"); return 0; } @@ -3582,7 +3582,7 @@ static struct ast_str *generic_http_callback(enum output_format format, for (v = params; v; v = v->next) { if (!strcasecmp(v->name, "mansession_id")) { - sscanf(v->value, "%x", &ident); + sscanf(v->value, "%30x", &ident); break; } } diff --git a/main/pbx.c b/main/pbx.c index be188e1d2..0820884dd 100644 --- a/main/pbx.c +++ b/main/pbx.c @@ -2310,7 +2310,7 @@ static int parse_variable_name(char *var, int *offset, int *length, int *isfunc) parens--; } else if (*var == ':' && parens == 0) { *var++ = '\0'; - sscanf(var, "%d:%d", offset, length); + sscanf(var, "%30d:%30d", offset, length); return 1; /* offset:length valid */ } } @@ -5939,7 +5939,7 @@ static int lookup_name(const char *s, char *const names[], int max) if (!strcasecmp(s, names[i])) return i+1; } - } else if (sscanf(s, "%d", &i) == 1 && i >= 1 && i <= max) { + } else if (sscanf(s, "%2d", &i) == 1 && i >= 1 && i <= max) { return i; } return 0; /* error return */ @@ -6026,11 +6026,11 @@ static void get_timerange(struct ast_timing *i, char *times) ast_log(LOG_WARNING, "Invalid time range. Assuming no restrictions based on time.\n"); return; } - if (sscanf(times, "%d:%d", &s1, &s2) != 2) { + if (sscanf(times, "%2d:%2d", &s1, &s2) != 2) { ast_log(LOG_WARNING, "%s isn't a time. Assuming no restrictions based on time.\n", times); return; } - if (sscanf(e, "%d:%d", &e1, &e2) != 2) { + if (sscanf(e, "%2d:%2d", &e1, &e2) != 2) { ast_log(LOG_WARNING, "%s isn't a time. Assuming no restrictions based on time.\n", e); return; } @@ -7549,7 +7549,7 @@ static void wait_for_hangup(struct ast_channel *chan, void *data) double waitsec; int waittime; - if (ast_strlen_zero(data) || (sscanf(data, "%lg", &waitsec) != 1) || (waitsec < 0)) + if (ast_strlen_zero(data) || (sscanf(data, "%30lg", &waitsec) != 1) || (waitsec < 0)) waitsec = -1; if (waitsec > -1) { waittime = waitsec * 1000.0; @@ -8664,7 +8664,7 @@ static int pbx_parseable_goto(struct ast_channel *chan, const char *goto_string, mode = -1; pri++; } - if (sscanf(pri, "%d", &ipri) != 1) { + if (sscanf(pri, "%30d", &ipri) != 1) { if ((ipri = ast_findlabel_extension(chan, context ? context : chan->context, exten ? exten : chan->exten, pri, chan->cid.cid_num)) < 1) { ast_log(LOG_WARNING, "Priority '%s' must be a number > 0, or valid label\n", pri); diff --git a/main/utils.c b/main/utils.c index 21b4ea9aa..518a34d3d 100644 --- a/main/utils.c +++ b/main/utils.c @@ -1607,7 +1607,7 @@ int ast_get_timeval(const char *src, struct timeval *dst, struct timeval _defaul return -1; /* only integer at the moment, but one day we could accept more formats */ - if (sscanf(src, "%Lf%n", &dtv, &scanned) > 0) { + if (sscanf(src, "%30Lf%n", &dtv, &scanned) > 0) { dst->tv_sec = dtv; dst->tv_usec = (dtv - dst->tv_sec) * 1000000.0; if (consumed) @@ -1634,7 +1634,7 @@ int ast_get_time_t(const char *src, time_t *dst, time_t _default, int *consumed) return -1; /* only integer at the moment, but one day we could accept more formats */ - if (sscanf(src, "%ld%n", &t, &scanned) == 1) { + if (sscanf(src, "%30ld%n", &t, &scanned) == 1) { *dst = t; if (consumed) *consumed = scanned; -- cgit v1.2.3