Check return value of sscanf()

[szsam]

The variable recvsize is read, but may not have been written. It should be guarded by a check that the call to sscanf returns at least 1.

[Hojun-Cho]

I don't think this is a 'should'. - if 'gets_' returned a value of 0 or less, then break the loop. If not, buf contains something.

            char buf[64];
            if (gets_(client, buf, sizeof(buf)) <= 0)
                break;

            // parse chunk size
            unsigned int recvsize;  // this time chunk size
            sscanf(buf, "%x", &recvsize);
            if (recvsize == 0) {
                // end of transfer
                completed = true;
            }

[wolkykim]

@szsam Thanks for bringing this up, but as @Hojun-Cho mentioned above, there is no good reason to use CPU clocks for checking the return value of sscanf(). Please let me know if you have other thoughts.

[szsam]

if 'gets_' returned a value of 0 or less, then break the loop. If not, buf contains something.

"buf contains something" does not necessarily mean the sscanf call will succeed. E.g. the buf may contain "GGGGG" -- an invalid hex number.

Moreover, recvsize is not initialized. If we do not want to check the return value of sscanf anyway, we should at least initialize recvsize to 0.

[wolkykim]

Looking at this issue closely again. You are absolutely right. Thanks for the PR. Merged in.