[ltt-dev] [UST PATCH] fix sscanf format string

Mathieu Desnoyers compudj at krystal.dyndns.org
Mon Sep 13 14:12:23 EDT 2010


* Douglas Santos (douglas.santos at polymtl.ca) wrote:
> Signed-off-by: Douglas Santos <douglas.santos at polymtl.ca>
> ---
>  libust/tracectl.c |   14 +++++++-------
>  1 files changed, 7 insertions(+), 7 deletions(-)
> 
> diff --git a/libust/tracectl.c b/libust/tracectl.c
> index dd61ebe..24a0231 100644
> --- a/libust/tracectl.c
> +++ b/libust/tracectl.c
> @@ -529,7 +529,7 @@ static unsigned int pow2_higher_or_eq(unsigned int v)
>  static int do_cmd_set_subbuf_size(const char *recvbuf, struct ustcomm_source *src)
>  {
>  	char *channel_slash_size;
> -	char ch_name[256]="";
> +	char *ch_name;
>  	unsigned int size, power;
>  	int retval = 0;
>  	struct ust_trace *trace;
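Review bot: `char *ch_name;` in do_cmd_set_subbuf_size is declared without an initializer, whereas the array it replaces was initialized to "". The function still tests `if(ch_name == NULL)` after the sscanf call, and sscanf does not assign the pointer when the first conversion fails to match, so the test would read an indeterminate value. Declare it as `char *ch_name = NULL;`.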
> @@ -540,7 +540,7 @@ static int do_cmd_set_subbuf_size(const char *recvbuf, struct ustcomm_source *sr
>  	DBG("set_subbuf_size");
>  
>  	channel_slash_size = nth_token(recvbuf, 1);
> -	sscanf(channel_slash_size, "%255[^/]/%u", ch_name, &size);
> +	sscanf(channel_slash_size, "%a[^/]/%u", &ch_name, &size);

Shouldn't we audit all sscanf with %a for the missing free() ?

sscanf(3):

       ·      An optional 'a' character.  This is used with string
              conversions, and relieves the caller of the need to allocate a
              corresponding buffer to hold the input: instead, scanf()
              allocates a buffer of sufficient size, and assigns the address
              of this buffer to the corresponding pointer argument, which
              should be a pointer to a char * variable (this variable does
              not need to be initialized before the call).  The caller should
              subsequently free(3) this buffer when it is no longer required.
              This is a GNU extension; C99 employs the 'a' character as a
              conversion specifier (and it can also be used as such in the
              GNU implementation).

Thanks,

Mathieu


>  
>  	if(ch_name == NULL) {
>  		ERR("cannot parse channel");
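Review bot: The return value of `sscanf(channel_slash_size, "%a[^/]/%u", &ch_name, &size)` is discarded, so a partial parse goes unnoticed: if only the channel name matches, `size` is never written and the `ch_name == NULL` check still passes. Store the result and treat anything other than 2 as a parse error, rather than relying on the pointer test alone.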
> @@ -585,7 +585,7 @@ static int do_cmd_set_subbuf_size(const char *recvbuf, struct ustcomm_source *sr
>  static int do_cmd_set_subbuf_num(const char *recvbuf, struct ustcomm_source *src)
>  {
>  	char *channel_slash_num;
> -	char ch_name[256]="";
> +	char *ch_name;
>  	unsigned int num;
>  	int retval = 0;
>  	struct ust_trace *trace;
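Review bot: Changing `ch_name` to `char *ch_name;` in do_cmd_set_subbuf_num moves the name from the stack to a buffer that sscanf allocates, and nothing in the visible hunks releases it. Every exit path of this function that is reached after the sscanf call needs a `free(ch_name)`, including the error paths.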
> @@ -596,7 +596,7 @@ static int do_cmd_set_subbuf_num(const char *recvbuf, struct ustcomm_source *src
>  	DBG("set_subbuf_num");
>  
>  	channel_slash_num = nth_token(recvbuf, 1);
> -	sscanf(channel_slash_num, "%255[^/]/%u", ch_name, &num);
> +	sscanf(channel_slash_num, "%a[^/]/%u", &ch_name, &num);
>  
>  	if(ch_name == NULL) {
>  		ERR("cannot parse channel");
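Review bot: The new format `"%a[^/]/%u"` in do_cmd_set_subbuf_num drops the 255-character field width that `"%255[^/]/%u"` had, so the size of the allocation is now set by whatever arrives in recvbuf. If the limit on channel name length was intentional, keep a maximum field width on the conversion or reject over-long names after parsing.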
> @@ -1042,10 +1042,10 @@ int process_client_cmd(char *recvbuf, struct ustcomm_source *src)
>  	}
>  	else if(nth_token_is(recvbuf, "enable_marker", 0) == 1) {
>  		char *channel_slash_name = nth_token(recvbuf, 1);
> -		char channel_name[256]="";
> -		char marker_name[256]="";
> +		char *channel_name;
> +		char *marker_name;
>  
> -		result = sscanf(channel_slash_name, "%255[^/]/%255s", channel_name, marker_name);
> +		result = sscanf(channel_slash_name, "%a[^/]/%as", &channel_name, &marker_name);
>  
>  		if(channel_name == NULL || marker_name == NULL) {
>  			WARN("invalid marker name");
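Review bot: In the enable_marker branch, `result` already holds the sscanf return value, but the validity check is `if(channel_name == NULL || marker_name == NULL)` on two pointers that are now uninitialized. Test `result != 2` instead, initialize both pointers to NULL, and free `channel_name` on the WARN path, since a string such as "chan/" with no marker name would leave it allocated while `marker_name` is never assigned.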
> -- 
> 1.7.0.4
> 
> 
> _______________________________________________
> ltt-dev mailing list
> ltt-dev at lists.casi.polymtl.ca
> http://lists.casi.polymtl.ca/cgi-bin/mailman/listinfo/ltt-dev
> 

-- 
Mathieu Desnoyers
Operating System Efficiency R&D Consultant
EfficiOS Inc.
http://www.efficios.com
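
The allocate, check, free pattern that the reply above asks about, as an added example that is not part of the patch or of libust. `parse_channel_size` is a hypothetical helper, and it uses the POSIX.1-2008 `m` modifier, the standardized form of the GNU `a` extension quoted from sscanf(3).

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Hypothetical helper (not libust code): parse "channel/size".
 * Returns 0 on success and stores a heap-allocated name in *name_out,
 * which the caller must free(). Returns -1 on any parse failure, with
 * *name_out set to NULL and nothing left allocated.
 */
int parse_channel_size(const char *arg, char **name_out, unsigned int *size_out)
{
	char *name = NULL;	/* stays NULL if the first conversion never matches */
	unsigned int size = 0;
	int matched;

	*name_out = NULL;
	if (arg == NULL)
		return -1;

	/* %m[^/] makes sscanf allocate the buffer; &name is a char ** */
	matched = sscanf(arg, "%m[^/]/%u", &name, &size);
	if (matched != 2) {
		/* "chan" or "chan/abc" match the name only: release it */
		free(name);
		return -1;
	}

	*name_out = name;
	*size_out = size;
	return 0;
}

int main(void)
{
	/* Constructed sample inputs, not taken from a real trace session */
	const char *samples[] = { "ust/4096", "ust", "/123", "ust/abc", "" };
	size_t i;

	for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		char *name;
		unsigned int size = 0;

		if (parse_channel_size(samples[i], &name, &size) == 0) {
			printf("ok: channel=%s size=%u\n", name, size);
			free(name);	/* ownership passed to the caller */
		} else {
			printf("rejected: \"%s\"\n", samples[i]);
		}
	}
	return 0;
}
```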



