summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Kalnischkies <kalnischkies@gmail.com>2012-03-05 00:37:54 +0100
committerDavid Kalnischkies <kalnischkies@gmail.com>2012-03-05 00:37:54 +0100
commit324cbd5693a3cf13224561aa14fc2057d8696469 (patch)
tree8a7d661f0fd509622642152149d5e8bdfe0a8677
parent785412cf3b03878fc6857c7d453376a029d9eb6a (diff)
as we parse datestrings from external sources a lot specify the length
of the integer fields as well to avoid crashes in scanf as cppchecks warns: "(warning) scanf without field width limits can crash with huge input data"
-rw-r--r--apt-pkg/contrib/strutl.cc6
1 files changed, 3 insertions, 3 deletions
diff --git a/apt-pkg/contrib/strutl.cc b/apt-pkg/contrib/strutl.cc
index 861cdcbeb..99efa8d98 100644
--- a/apt-pkg/contrib/strutl.cc
+++ b/apt-pkg/contrib/strutl.cc
@@ -910,17 +910,17 @@ bool StrToTime(const string &Val,time_t &Result)
// Handle RFC 1123 time
Month[0] = 0;
- if (sscanf(I," %d %3s %d %d:%d:%d GMT",&Tm.tm_mday,Month,&Tm.tm_year,
+ if (sscanf(I," %2d %3s %4d %2d:%2d:%2d GMT",&Tm.tm_mday,Month,&Tm.tm_year,
&Tm.tm_hour,&Tm.tm_min,&Tm.tm_sec) != 6)
{
// Handle RFC 1036 time
- if (sscanf(I," %d-%3s-%d %d:%d:%d GMT",&Tm.tm_mday,Month,
+ if (sscanf(I," %2d-%3s-%3d %2d:%2d:%2d GMT",&Tm.tm_mday,Month,
&Tm.tm_year,&Tm.tm_hour,&Tm.tm_min,&Tm.tm_sec) == 6)
Tm.tm_year += 1900;
else
{
// asctime format
- if (sscanf(I," %3s %d %d:%d:%d %d",Month,&Tm.tm_mday,
+ if (sscanf(I," %3s %2d %2d:%2d:%2d %4d",Month,&Tm.tm_mday,
&Tm.tm_hour,&Tm.tm_min,&Tm.tm_sec,&Tm.tm_year) != 6)
{
// 'ftp' time