/pidgin/main: d5e9c888ccd7: Add some error checking for sscanf u...

Daniel Atallah datallah at pidgin.im
Sat Mar 2 17:20:52 EST 2013


Changeset: d5e9c888ccd7082eb0dfd1157427056f7c45aaad
Author:	 Daniel Atallah <datallah at pidgin.im>
Date:	 2013-03-02 17:20 -0500
Branch:	 release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/d5e9c888ccd7

Description:

Add some error checking for sscanf usage (there are more places that could use this)

 * Also a trivial unused variable fix

diffstat:

 finch/gntpounce.c                |   6 ++----
 libpurple/example/nullclient.c   |  10 +++++++---
 libpurple/protocols/irc/parse.c  |  12 +++++++-----
 libpurple/protocols/jabber/oob.c |   9 +++++++--
 libpurple/protocols/msn/soap.c   |   3 ++-
 libpurple/util.c                 |   3 ++-
 6 files changed, 27 insertions(+), 16 deletions(-)

diffs (113 lines):

diff --git a/finch/gntpounce.c b/finch/gntpounce.c
--- a/finch/gntpounce.c
+++ b/finch/gntpounce.c
@@ -801,10 +801,8 @@ pounce_cb(PurplePounce *pounce, PurplePo
 
 	if (purple_pounce_action_is_enabled(pounce, "open-window"))
 	{
-		conv = purple_find_conversation_with_account(PURPLE_CONV_TYPE_IM, pouncee, account);
-
-		if (conv == NULL)
-			conv = purple_conversation_new(PURPLE_CONV_TYPE_IM, account, pouncee);
+		if (!purple_find_conversation_with_account(PURPLE_CONV_TYPE_IM, pouncee, account))
+			purple_conversation_new(PURPLE_CONV_TYPE_IM, account, pouncee);
 	}
 
 	if (purple_pounce_action_is_enabled(pounce, "popup-notify"))
diff --git a/libpurple/example/nullclient.c b/libpurple/example/nullclient.c
--- a/libpurple/example/nullclient.c
+++ b/libpurple/example/nullclient.c
@@ -253,7 +253,7 @@ int main(int argc, char *argv[])
 	GList *iter;
 	int i, num;
 	GList *names = NULL;
-	const char *prpl;
+	const char *prpl = NULL;
 	char name[128];
 	char *password;
 	GMainLoop *loop = g_main_loop_new(NULL, FALSE);
@@ -289,8 +289,12 @@ int main(int argc, char *argv[])
 		fprintf(stderr, "Failed to gets protocol selection.");
 		abort();
 	}
-	sscanf(name, "%d", &num);
-	prpl = g_list_nth_data(names, num);
+	if (sscanf(name, "%d", &num) == 1)
+		prpl = g_list_nth_data(names, num);
+	if (!prpl) {
+		fprintf(stderr, "Failed to gets protocol.");
+		abort();
+	}
 
 	printf("Username: ");
 	res = fgets(name, sizeof(name), stdin);
diff --git a/libpurple/protocols/irc/parse.c b/libpurple/protocols/irc/parse.c
--- a/libpurple/protocols/irc/parse.c
+++ b/libpurple/protocols/irc/parse.c
@@ -559,14 +559,16 @@ char *irc_parse_ctcp(struct irc_conn *ir
 		return buf;
 	} else if (!strncmp(cur, "PING ", 5)) {
 		if (notice) { /* reply */
-			/* TODO: Should this read in the timestamp as a double? */
-			sscanf(cur, "PING %lu", &timestamp);
 			gc = purple_account_get_connection(irc->account);
 			if (!gc)
 				return NULL;
-			buf = g_strdup_printf(_("Reply time from %s: %lu seconds"), from, time(NULL) - timestamp);
-			purple_notify_info(gc, _("PONG"), _("CTCP PING reply"), buf);
-			g_free(buf);
+			/* TODO: Should this read in the timestamp as a double? */
+			if (sscanf(cur, "PING %lu", &timestamp) == 1) {
+				buf = g_strdup_printf(_("Reply time from %s: %lu seconds"), from, time(NULL) - timestamp);
+				purple_notify_info(gc, _("PONG"), _("CTCP PING reply"), buf);
+				g_free(buf);
+			} else
+				purple_debug(PURPLE_DEBUG_ERROR, "irc", "Unable to parse PING timestamp");
 			return NULL;
 		} else {
 			buf = irc_format(irc, "vt:", "NOTICE", from, msg);
diff --git a/libpurple/protocols/jabber/oob.c b/libpurple/protocols/jabber/oob.c
--- a/libpurple/protocols/jabber/oob.c
+++ b/libpurple/protocols/jabber/oob.c
@@ -138,8 +138,13 @@ static gssize jabber_oob_xfer_read(gucha
 			lenstr = strstr(jox->headers->str, "Content-Length: ");
 			if(lenstr) {
 				int size;
-				sscanf(lenstr, "Content-Length: %d", &size);
-				purple_xfer_set_size(xfer, size);
+				if (sscanf(lenstr, "Content-Length: %d", &size) == 1)
+					purple_xfer_set_size(xfer, size);
+				else {
+					purple_debug_error("jabber", "Unable to parse Content-Length!\n");
+					purple_xfer_cancel_local(xfer);
+					return 0;
+				}
 			}
 			purple_xfer_set_read_fnc(xfer, NULL);
 
diff --git a/libpurple/protocols/msn/soap.c b/libpurple/protocols/msn/soap.c
--- a/libpurple/protocols/msn/soap.c
+++ b/libpurple/protocols/msn/soap.c
@@ -426,7 +426,8 @@ msn_soap_process(MsnSoapConnection *conn
 					g_free(line);
 					return;
 				} else if (strcmp(key, "Content-Length") == 0) {
-					sscanf(value, "%" G_GSIZE_FORMAT, &(conn->body_len));
+					if (sscanf(value, "%" G_GSIZE_FORMAT, &(conn->body_len)) != 1)
+						purple_debug_error("soap", "Unable to parse Content-Length\n");
 				} else if (strcmp(key, "Connection") == 0) {
 					if (strcmp(value, "close") == 0) {
 						conn->close_when_done = TRUE;
diff --git a/libpurple/util.c b/libpurple/util.c
--- a/libpurple/util.c
+++ b/libpurple/util.c
@@ -3535,7 +3535,8 @@ purple_url_parse(const char *url, char *
 	if (f <= 1)
 		*path = '\0';
 
-	sscanf(port_str, "%d", &port);
+	if (sscanf(port_str, "%d", &port) != 1)
+		purple_debug_error("util", "Error parsing URL port from %s\n", url);
 
 	if (ret_host != NULL) *ret_host = g_strdup(host);
 	if (ret_port != NULL) *ret_port = port;



More information about the Commits mailing list