mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 08:08:50 -05:00
security: fix "Unchecked return value" from sscanf()
By (void) prefixing it and adding a comment. Did some minor related cleanups. Coverity CID 1299423.
This commit is contained in:
parent
1514977bcd
commit
e582cd16ff
@ -359,7 +359,7 @@ int Curl_sec_read_msg(struct connectdata *conn, char *buffer,
|
|||||||
int */
|
int */
|
||||||
int decoded_len;
|
int decoded_len;
|
||||||
char *buf;
|
char *buf;
|
||||||
int ret_code;
|
int ret_code = 0;
|
||||||
size_t decoded_sz = 0;
|
size_t decoded_sz = 0;
|
||||||
CURLcode error;
|
CURLcode error;
|
||||||
|
|
||||||
@ -388,13 +388,13 @@ int Curl_sec_read_msg(struct connectdata *conn, char *buffer,
|
|||||||
}
|
}
|
||||||
|
|
||||||
buf[decoded_len] = '\0';
|
buf[decoded_len] = '\0';
|
||||||
DEBUGASSERT(decoded_len > 3);
|
if(decoded_len <= 3)
|
||||||
if(buf[3] == '-')
|
/* suspiciously short */
|
||||||
ret_code = 0;
|
return 0;
|
||||||
else {
|
|
||||||
/* Check for error? */
|
if(buf[3] != '-')
|
||||||
|
/* safe to ignore return code */
|
||||||
(void)sscanf(buf, "%d", &ret_code);
|
(void)sscanf(buf, "%d", &ret_code);
|
||||||
}
|
|
||||||
|
|
||||||
if(buf[decoded_len - 1] == '\n')
|
if(buf[decoded_len - 1] == '\n')
|
||||||
buf[decoded_len - 1] = '\0';
|
buf[decoded_len - 1] = '\0';
|
||||||
@ -437,8 +437,8 @@ static int sec_set_protection_level(struct connectdata *conn)
|
|||||||
|
|
||||||
pbsz = strstr(conn->data->state.buffer, "PBSZ=");
|
pbsz = strstr(conn->data->state.buffer, "PBSZ=");
|
||||||
if(pbsz) {
|
if(pbsz) {
|
||||||
/* FIXME: Checks for errors in sscanf? */
|
/* ignore return code, use default value if it fails */
|
||||||
sscanf(pbsz, "PBSZ=%u", &buffer_size);
|
(void)sscanf(pbsz, "PBSZ=%u", &buffer_size);
|
||||||
if(buffer_size < conn->buffer_size)
|
if(buffer_size < conn->buffer_size)
|
||||||
conn->buffer_size = buffer_size;
|
conn->buffer_size = buffer_size;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user