Permalink
Browse files

Add field size limits to sscanf's

  • Loading branch information...
daniel-kristjansson committed Feb 2, 2012
1 parent 4167a42 commit cc48e1e9f4f64739decf76487efa9177ca3366b5
@@ -215,7 +215,7 @@ ZMServer::ZMServer(int sock, bool debug)
string setting = getZMSetting("ZM_SHM_KEY");
if (setting != "")
sscanf(setting.c_str(), "%x", (unsigned int *)&m_shmKey);
sscanf(setting.c_str(), "%20x", (unsigned int *)&m_shmKey);
if (m_debug)
{
snprintf(buf, sizeof(buf), "0x%x", (unsigned int)m_shmKey);
@@ -255,8 +255,11 @@ newAdjustFilter (VideoFrameType inpixfmt, VideoFrameType outpixfmt,
}
if (options)
numopts = sscanf(options, "%d:%d:%f:%d:%d:%f", &ymin, &ymax, &ygamma,
{
numopts = sscanf(options, "%20d:%20d:%20f:%20d:%20d:%20f",
&ymin, &ymax, &ygamma,
&cmin, &cmax, &cgamma);
}
if (numopts != 6 && (numopts !=1 && ymin != -1))
{
@@ -271,7 +271,7 @@ static VideoFilter *new_filter(VideoFrameType inpixfmt,
if (options)
{
unsigned int param1, param2, param3, param4;
if (sscanf(options, "%u:%u:%u:%u",
if (sscanf(options, "%20u:%20u:%20u:%20u",
&param1, &param2, &param3, &param4) == 4)
{
filter->yp1 = param1;
@@ -428,7 +428,8 @@ static VideoFilter *NewDenoise3DFilter(VideoFrameType inpixfmt,
if (options)
{
double param1, param2, param3;
switch (sscanf (options, "%lf:%lf:%lf", &param1, &param2, &param3))
switch (sscanf(options, "%20lf:%20lf:%20lf",
&param1, &param2, &param3))
{
case 0:
default:
@@ -487,7 +487,7 @@ static VideoFilter *new_filter(VideoFrameType inpixfmt,
if (options)
{
int ret = sscanf(options, "%u:%u:%u:%u",
int ret = sscanf(options, "%20u:%20u:%20u:%20u",
&Param1, &Param2, &Param3, &Param4);
switch (ret)
{
@@ -156,7 +156,8 @@ QString Jitterometer::GetCPUStat(void)
memset(stats, 0, size);
int num = 0;
if (sscanf(line.constData(),
"cpu%d %llu %llu %llu %llu %llu %llu %llu %llu %llu %*s\n",
"cpu%30d %30llu %30llu %30llu %30llu %30llu "
"%30llu %30llu %30llu %30llu %*5000s\n",
&num, &stats[0], &stats[1], &stats[2], &stats[3],
&stats[4], &stats[5], &stats[6], &stats[7], &stats[8]) >= 4)
{
@@ -1734,7 +1734,7 @@ static int lirc_code2char_internal(const struct lirc_state *state,
int quit_happened;
*string=NULL;
if(sscanf(code,"%*x %x %*s %*s\n",&rep)==1)
if(sscanf(code,"%*20x %20x %*5000s %*5000s\n",&rep)==1)
{
backup=strdup(code);
if(backup==NULL) return(-1);

0 comments on commit cc48e1e

Please sign in to comment.