kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-29 18:19:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

AST-2009-005

Browse Source 
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@211539 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This commit is contained in:
Tilghman Lesher
2009-08-10 19:20:57 +00:00
parent 41894bea92
commit 642bec4d6f
101 changed files with 484 additions and 455 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
cdr/cdr_adaptive_odbc.c
View File

@@ -460,7 +460,7 @@ static int odbc_log(struct ast_cdr *cdr)
case SQL_TYPE_DATE:
{
int year = 0, month = 0, day = 0;
if (sscanf(colptr, "%d-%d-%d", &year, &month, &day) != 3 || year <= 0 ||
if (sscanf(colptr, "%4d-%2d-%2d", &year, &month, &day) != 3 || year <= 0 ||
month <= 0 || month > 12 || day < 0 || day > 31 ||
((month == 4 || month == 6 || month == 9 || month == 11) && day == 31) ||
(month == 2 && year % 400 == 0 && day > 29) ||
@@ -483,7 +483,7 @@ static int odbc_log(struct ast_cdr *cdr)
case SQL_TYPE_TIME:
{
int hour = 0, minute = 0, second = 0;
int count = sscanf(colptr, "%d:%d:%d", &hour, &minute, &second);
int count = sscanf(colptr, "%2d:%2d:%2d", &hour, &minute, &second);
if ((count != 2 && count != 3) || hour < 0 || hour > 23 || minute < 0 || minute > 59 || second < 0 || second > 59) {
ast_log(LOG_WARNING, "CDR variable %s is not a valid time ('%s').\n", entry->name, colptr);
@@ -499,7 +499,7 @@ static int odbc_log(struct ast_cdr *cdr)
case SQL_TIMESTAMP:
{
int year = 0, month = 0, day = 0, hour = 0, minute = 0, second = 0;
int count = sscanf(colptr, "%d-%d-%d %d:%d:%d", &year, &month, &day, &hour, &minute, &second);
int count = sscanf(colptr, "%4d-%2d-%2d %2d:%2d:%2d", &year, &month, &day, &hour, &minute, &second);
if ((count != 3 && count != 5 && count != 6) || year <= 0 ||
month <= 0 || month > 12 || day < 0 || day > 31 ||
@@ -525,7 +525,7 @@ static int odbc_log(struct ast_cdr *cdr)
case SQL_INTEGER:
{
int integer = 0;
if (sscanf(colptr, "%d", &integer) != 1) {
if (sscanf(colptr, "%30d", &integer) != 1) {
ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name);
continue;
}
@@ -538,7 +538,7 @@ static int odbc_log(struct ast_cdr *cdr)
case SQL_BIGINT:
{
long long integer = 0;
if (sscanf(colptr, "%lld", &integer) != 1) {
if (sscanf(colptr, "%30lld", &integer) != 1) {
ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name);
continue;
}
@@ -551,7 +551,7 @@ static int odbc_log(struct ast_cdr *cdr)
case SQL_SMALLINT:
{
short integer = 0;
if (sscanf(colptr, "%hd", &integer) != 1) {
if (sscanf(colptr, "%30hd", &integer) != 1) {
ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name);
continue;
}
@@ -564,7 +564,7 @@ static int odbc_log(struct ast_cdr *cdr)
case SQL_TINYINT:
{
char integer = 0;
if (sscanf(colptr, "%hhd", &integer) != 1) {
if (sscanf(colptr, "%30hhd", &integer) != 1) {
ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name);
continue;
}
@@ -577,7 +577,7 @@ static int odbc_log(struct ast_cdr *cdr)
case SQL_BIT:
{
char integer = 0;
if (sscanf(colptr, "%hhd", &integer) != 1) {
if (sscanf(colptr, "%30hhd", &integer) != 1) {
ast_log(LOG_WARNING, "CDR variable %s is not an integer.\n", entry->name);
continue;
}
@@ -593,7 +593,7 @@ static int odbc_log(struct ast_cdr *cdr)
case SQL_DECIMAL:
{
double number = 0.0;
if (sscanf(colptr, "%lf", &number) != 1) {
if (sscanf(colptr, "%30lf", &number) != 1) {
ast_log(LOG_WARNING, "CDR variable %s is not an numeric type.\n", entry->name);
continue;
}
@@ -608,7 +608,7 @@ static int odbc_log(struct ast_cdr *cdr)
case SQL_DOUBLE:
{
double number = 0.0;
if (sscanf(colptr, "%lf", &number) != 1) {
if (sscanf(colptr, "%30lf", &number) != 1) {
ast_log(LOG_WARNING, "CDR variable %s is not an numeric type.\n", entry->name);
continue;
}

6
cdr/cdr_pgsql.c
View File

@@ -237,7 +237,7 @@ static int pgsql_log(struct ast_cdr *cdr)
ast_cdr_getvar(cdr, cur->name, &value, buf, sizeof(buf), 0, 0);
if (strncmp(cur->type, "int", 3) == 0) {
long long whatever;
if (value && sscanf(value, "%lld", &whatever) == 1) {
if (value && sscanf(value, "%30lld", &whatever) == 1) {
LENGTHEN_BUF2(26);
ast_str_append(&sql2, 0, "%s%lld", first ? "" : ",", whatever);
} else {
@@ -246,7 +246,7 @@ static int pgsql_log(struct ast_cdr *cdr)
}
} else if (strncmp(cur->type, "float", 5) == 0) {
long double whatever;
if (value && sscanf(value, "%Lf", &whatever) == 1) {
if (value && sscanf(value, "%30Lf", &whatever) == 1) {
LENGTHEN_BUF2(51);
ast_str_append(&sql2, 0, "%s%30Lf", first ? "" : ",", whatever);
} else {
@@ -501,7 +501,7 @@ static int config_module(int reload)
ast_verb(4, "Found column '%s' of type '%s'\n", fname, ftype);
cur = ast_calloc(1, sizeof(*cur) + strlen(fname) + strlen(ftype) + 2);
if (cur) {
sscanf(flen, "%d", &cur->len);
sscanf(flen, "%30d", &cur->len);
cur->name = (char *)cur + sizeof(*cur);
cur->type = (char *)cur + sizeof(*cur) + strlen(fname) + 1;
strcpy(cur->name, fname);