/pidgin/main: d5e9c888ccd7: Add some error checking for sscanf u...
Daniel Atallah
datallah at pidgin.im
Sat Mar 2 17:20:52 EST 2013
Changeset: d5e9c888ccd7082eb0dfd1157427056f7c45aaad
Author: Daniel Atallah <datallah at pidgin.im>
Date: 2013-03-02 17:20 -0500
Branch: release-2.x.y
URL: https://hg.pidgin.im/pidgin/main/rev/d5e9c888ccd7
Description:
Add some error checking for sscanf usage (there are more places that could use this)
* Also a trivial unused variable fix
diffstat:
finch/gntpounce.c | 6 ++----
libpurple/example/nullclient.c | 10 +++++++---
libpurple/protocols/irc/parse.c | 12 +++++++-----
libpurple/protocols/jabber/oob.c | 9 +++++++--
libpurple/protocols/msn/soap.c | 3 ++-
libpurple/util.c | 3 ++-
6 files changed, 27 insertions(+), 16 deletions(-)
diffs (113 lines):
diff --git a/finch/gntpounce.c b/finch/gntpounce.c
--- a/finch/gntpounce.c
+++ b/finch/gntpounce.c
@@ -801,10 +801,8 @@ pounce_cb(PurplePounce *pounce, PurplePo
if (purple_pounce_action_is_enabled(pounce, "open-window"))
{
- conv = purple_find_conversation_with_account(PURPLE_CONV_TYPE_IM, pouncee, account);
-
- if (conv == NULL)
- conv = purple_conversation_new(PURPLE_CONV_TYPE_IM, account, pouncee);
+ if (!purple_find_conversation_with_account(PURPLE_CONV_TYPE_IM, pouncee, account))
+ purple_conversation_new(PURPLE_CONV_TYPE_IM, account, pouncee);
}
if (purple_pounce_action_is_enabled(pounce, "popup-notify"))
diff --git a/libpurple/example/nullclient.c b/libpurple/example/nullclient.c
--- a/libpurple/example/nullclient.c
+++ b/libpurple/example/nullclient.c
@@ -253,7 +253,7 @@ int main(int argc, char *argv[])
GList *iter;
int i, num;
GList *names = NULL;
- const char *prpl;
+ const char *prpl = NULL;
char name[128];
char *password;
GMainLoop *loop = g_main_loop_new(NULL, FALSE);
@@ -289,8 +289,12 @@ int main(int argc, char *argv[])
fprintf(stderr, "Failed to gets protocol selection.");
abort();
}
- sscanf(name, "%d", &num);
- prpl = g_list_nth_data(names, num);
+ if (sscanf(name, "%d", &num) == 1)
+ prpl = g_list_nth_data(names, num);
+ if (!prpl) {
+ fprintf(stderr, "Failed to gets protocol.");
+ abort();
+ }
printf("Username: ");
res = fgets(name, sizeof(name), stdin);
diff --git a/libpurple/protocols/irc/parse.c b/libpurple/protocols/irc/parse.c
--- a/libpurple/protocols/irc/parse.c
+++ b/libpurple/protocols/irc/parse.c
@@ -559,14 +559,16 @@ char *irc_parse_ctcp(struct irc_conn *ir
return buf;
} else if (!strncmp(cur, "PING ", 5)) {
if (notice) { /* reply */
- /* TODO: Should this read in the timestamp as a double? */
- sscanf(cur, "PING %lu", ×tamp);
gc = purple_account_get_connection(irc->account);
if (!gc)
return NULL;
- buf = g_strdup_printf(_("Reply time from %s: %lu seconds"), from, time(NULL) - timestamp);
- purple_notify_info(gc, _("PONG"), _("CTCP PING reply"), buf);
- g_free(buf);
+ /* TODO: Should this read in the timestamp as a double? */
+ if (sscanf(cur, "PING %lu", ×tamp) == 1) {
+ buf = g_strdup_printf(_("Reply time from %s: %lu seconds"), from, time(NULL) - timestamp);
+ purple_notify_info(gc, _("PONG"), _("CTCP PING reply"), buf);
+ g_free(buf);
+ } else
+ purple_debug(PURPLE_DEBUG_ERROR, "irc", "Unable to parse PING timestamp");
return NULL;
} else {
buf = irc_format(irc, "vt:", "NOTICE", from, msg);
diff --git a/libpurple/protocols/jabber/oob.c b/libpurple/protocols/jabber/oob.c
--- a/libpurple/protocols/jabber/oob.c
+++ b/libpurple/protocols/jabber/oob.c
@@ -138,8 +138,13 @@ static gssize jabber_oob_xfer_read(gucha
lenstr = strstr(jox->headers->str, "Content-Length: ");
if(lenstr) {
int size;
- sscanf(lenstr, "Content-Length: %d", &size);
- purple_xfer_set_size(xfer, size);
+ if (sscanf(lenstr, "Content-Length: %d", &size) == 1)
+ purple_xfer_set_size(xfer, size);
+ else {
+ purple_debug_error("jabber", "Unable to parse Content-Length!\n");
+ purple_xfer_cancel_local(xfer);
+ return 0;
+ }
}
purple_xfer_set_read_fnc(xfer, NULL);
diff --git a/libpurple/protocols/msn/soap.c b/libpurple/protocols/msn/soap.c
--- a/libpurple/protocols/msn/soap.c
+++ b/libpurple/protocols/msn/soap.c
@@ -426,7 +426,8 @@ msn_soap_process(MsnSoapConnection *conn
g_free(line);
return;
} else if (strcmp(key, "Content-Length") == 0) {
- sscanf(value, "%" G_GSIZE_FORMAT, &(conn->body_len));
+ if (sscanf(value, "%" G_GSIZE_FORMAT, &(conn->body_len)) != 1)
+ purple_debug_error("soap", "Unable to parse Content-Length\n");
} else if (strcmp(key, "Connection") == 0) {
if (strcmp(value, "close") == 0) {
conn->close_when_done = TRUE;
diff --git a/libpurple/util.c b/libpurple/util.c
--- a/libpurple/util.c
+++ b/libpurple/util.c
@@ -3535,7 +3535,8 @@ purple_url_parse(const char *url, char *
if (f <= 1)
*path = '\0';
- sscanf(port_str, "%d", &port);
+ if (sscanf(port_str, "%d", &port) != 1)
+ purple_debug_error("util", "Error parsing URL port from %s\n", url);
if (ret_host != NULL) *ret_host = g_strdup(host);
if (ret_port != NULL) *ret_port = port;
More information about the Commits
mailing list