mirror of
https://github.com/asterisk/asterisk.git
synced 2025-10-14 00:24:05 +00:00
AST-2009-005
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@211539 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This commit is contained in:
Tilghman Lesher
@@ -3149,7 +3149,7 @@ static int lookup_name(const char *s, char *const names[], int max)
|
||||
}
|
||||
|
||||
/* Allow months and weekdays to be specified as numbers, as well */
|
||||
if (sscanf(s, "%d", &i) == 1 && i >= 1 && i <= max) {
|
||||
if (sscanf(s, "%2d", &i) == 1 && i >= 1 && i <= max) {
|
||||
/* What the array offset would have been: "1" would be at offset 0 */
|
||||
return i - 1;
|
||||
}
|
||||
@@ -3226,7 +3226,7 @@ static void get_timerange(struct ast_timing *i, char *times)
|
||||
/* Otherwise expect a range */
|
||||
while ((part = strsep(×, "&"))) {
|
||||
if (!(endpart = strchr(part, '-'))) {
|
||||
if (sscanf(part, "%d:%d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) {
|
||||
if (sscanf(part, "%2d:%2d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) {
|
||||
ast_log(LOG_WARNING, "%s isn't a valid time.\n", part);
|
||||
continue;
|
||||
}
|
||||
@@ -3242,11 +3242,11 @@ static void get_timerange(struct ast_timing *i, char *times)
|
||||
ast_log(LOG_WARNING, "Invalid time range starting with '%s-'.\n", part);
|
||||
continue;
|
||||
}
|
||||
if (sscanf(part, "%d:%d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) {
|
||||
if (sscanf(part, "%2d:%2d", &st_h, &st_m) != 2 || st_h < 0 || st_h > 23 || st_m < 0 || st_m > 59) {
|
||||
ast_log(LOG_WARNING, "'%s' isn't a valid start time.\n", part);
|
||||
continue;
|
||||
}
|
||||
if (sscanf(endpart, "%d:%d", &endh, &endm) != 2 || endh < 0 || endh > 23 || endm < 0 || endm > 59) {
|
||||
if (sscanf(endpart, "%2d:%2d", &endh, &endm) != 2 || endh < 0 || endh > 23 || endm < 0 || endm > 59) {
|
||||
ast_log(LOG_WARNING, "'%s' isn't a valid end time.\n", endpart);
|
||||
continue;
|
||||
}
|
||||
@@ -5541,7 +5541,7 @@ static int parse_variable_name(char *var, int *offset, int *length, int *isfunc)
|
||||
parens--;
|
||||
} else if (*var == ':' && parens == 0) {
|
||||
*var++ = '\0';
|
||||
sscanf(var, "%d:%d", offset, length);
|
||||
sscanf(var, "%30d:%30d", offset, length);
|
||||
return 1; /* offset:length valid */
|
||||
}
|
||||
}
|
||||
@@ -5945,7 +5945,7 @@ static int pbx_load_config(const char *config_file)
|
||||
ipri = lastpri;
|
||||
else
|
||||
ast_log(LOG_WARNING, "Can't use 'same' priority on the first entry!\n");
|
||||
} else if (sscanf(pri, "%d", &ipri) != 1 &&
|
||||
} else if (sscanf(pri, "%30d", &ipri) != 1 &&
|
||||
(ipri = ast_findlabel_extension2(NULL, con, realext, pri, cidmatch)) < 1) {
|
||||
ast_log(LOG_WARNING, "Invalid priority/label '%s' at line %d\n", pri, v->lineno);
|
||||
ipri = 0;
|
||||
|
||||
@@ -355,7 +355,7 @@ int parsetime(char *string, int *result)
|
||||
double temp;
|
||||
char m, s, end;
|
||||
|
||||
k = sscanf(string, "%lf%c%c%c", &temp, &m, &s, &end);
|
||||
k = sscanf(string, "%30lf%1c%1c%1c", &temp, &m, &s, &end);
|
||||
switch (k)
|
||||
{
|
||||
case 0: case EOF: case 4:
|
||||
@@ -396,7 +396,7 @@ int parsefreq(char *string, double *result)
|
||||
double temp;
|
||||
char m, s, end;
|
||||
|
||||
k = sscanf(string, "%lf%c%c%c", &temp, &m, &s, &end);
|
||||
k = sscanf(string, "%30lf%1c%1c%1c", &temp, &m, &s, &end);
|
||||
switch (k)
|
||||
{
|
||||
case 0: case EOF: case 2: case 4:
|
||||
@@ -476,7 +476,7 @@ int parseintarg( int argcount, char *args[], char *string, int *result)
|
||||
if ((i = findoption( argcount, args, string)) > 0)
|
||||
{
|
||||
switch (sscanf(args[i] + 1 + strlen( string),
|
||||
"%d%c", &temp, &c))
|
||||
"%30d%1c", &temp, &c))
|
||||
{
|
||||
case 0: case EOF: case 2:
|
||||
argerrornum(args[i]+1, ME_NOINT);
|
||||
@@ -510,7 +510,7 @@ int parsedoublearg( int argcount, char *args[], char *string, double *result)
|
||||
|
||||
if ((i = findoption( argcount, args, string)) > 0)
|
||||
{
|
||||
switch (sscanf(args[i] + 1 + strlen( string), "%lf%c", &temp, &end))
|
||||
switch (sscanf(args[i] + 1 + strlen( string), "%30lf%1c", &temp, &end))
|
||||
{
|
||||
case 0: case EOF: case 2:
|
||||
argerrornum(args[i]+1, ME_NODOUBLE);
|
||||
@@ -545,7 +545,7 @@ int parsevolarg( int argcount, char *args[], char *string, double *result)
|
||||
if ((i = findoption( argcount, args, string)) > 0)
|
||||
{
|
||||
switch (sscanf(args[i] + 1 + strlen( string),
|
||||
"%lf%c%c%c", &vol, &sbd, &sbb, &end))
|
||||
"%30lf%1c%1c%1c", &vol, &sbd, &sbb, &end))
|
||||
{
|
||||
case 0: case EOF: case 4:
|
||||
weird = TRUE;
|
||||
@@ -593,7 +593,7 @@ int parsevolume(char *s, double *result)
|
||||
char sbd, sbb, end;
|
||||
|
||||
*result = 1.0;
|
||||
k = sscanf(s, "%lf%c%c%c", result, &sbd, &sbb, &end);
|
||||
k = sscanf(s, "%30lf%1c%1c%1c", result, &sbd, &sbb, &end);
|
||||
switch (k)
|
||||
{
|
||||
case 0:
|
||||
|
||||
@@ -156,7 +156,7 @@ static int load_config(void)
|
||||
} else if (!strcasecmp(buf, "smoothfade")) {
|
||||
smoothfade = 1;
|
||||
} else if (!strcasecmp(buf, "mutelevel")) {
|
||||
if (val && (sscanf(val, "%d", &x) == 1) && (x > -1) && (x < 101)) {
|
||||
if (val && (sscanf(val, "%3d", &x) == 1) && (x > -1) && (x < 101)) {
|
||||
mutelevel = x;
|
||||
} else
|
||||
fprintf(stderr, "mutelevel must be a number from 0 (most muted) to 100 (no mute) at line %d\n", lineno);
|
||||
@@ -216,7 +216,7 @@ static int connect_asterisk(void)
|
||||
if (ports) {
|
||||
*ports = '\0';
|
||||
ports++;
|
||||
if ((sscanf(ports, "%d", &port) != 1) || (port < 1) || (port > 65535)) {
|
||||
if ((sscanf(ports, "%5d", &port) != 1) || (port < 1) || (port > 65535)) {
|
||||
fprintf(stderr, "'%s' is not a valid port number in the hostname\n", ports);
|
||||
return -1;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user