[Pkg-wmaker-commits] [wmmon] 19/38: wmgeneral: Use field width limits for scanf.

[Doug Torrance]

This is an automated email from the git hooks/post-receive script.

dtorrance-guest pushed a commit to branch upstream
in repository wmmon.

commit 9783b686fc1f7d1c7a1bc560b22eba8fa875441f
Author: Doug Torrance <dtorrance at monmouthcollege.edu>
Date:   Tue May 19 22:30:51 2015 -0500

    wmgeneral: Use field width limits for scanf.
    
    This fixes "(portability) scanf without field width limits can crash with
    huge input data on some versions of libc" warning from cppcheck.
    
    We choose 10 as the field width limit as it is the number of characters in
    2^31-1, the largest int.
---
 wmgeneral/wmgeneral.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/wmgeneral/wmgeneral.c b/wmgeneral/wmgeneral.c
index 9b7e5d0..0ca67c9 100644
--- a/wmgeneral/wmgeneral.c
+++ b/wmgeneral/wmgeneral.c
@@ -306,7 +306,7 @@ void createXBMfromXPM(char *xbm, char **xpm, int sx, int sy) {
 	int 	zero=0;
 	int     curpixel;
 
-	sscanf(*xpm, "%d %d %d %d", &width, &height, &numcol, &depth);
+	sscanf(*xpm, "%10d %10d %10d %10d", &width, &height, &numcol, &depth);
 
 
 	for (k=0; k!=depth; k++)
@@ -483,7 +483,7 @@ void openXwindow(int argc, char *argv[], char *pixmap_bytes[], char *pixmask_bit
 	XMapWindow(display, win);
 
 	if (geometry) {
-		if (sscanf(geometry, "+%d+%d", &wx, &wy) != 2) {
+		if (sscanf(geometry, "+%10d+%10d", &wx, &wy) != 2) {
 			fprintf(stderr, "Bad geometry string.\n");
 			exit(1);
 		}

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-wmaker/wmmon.git