[PATCH 6/6] Do not ignore return values of scanf/asprintf
Peter Hutterer
peter.hutterer at who-t.net
Thu Sep 28 21:18:42 UTC 2017
On Wed, Sep 27, 2017 at 10:58:31AM -0700, Dmitry Torokhov wrote:
> The functions are often declared as "warn unused result", which causes
> compiler time warnings. Invalid user input may also lead to not entirely
> correct utility behavior.
>
> Signed-off-by: Dmitry Torokhov <dtor at chromium.org>
thanks, pushed all but patch 5
Cheers,
Peter
> ---
> evtest.c | 17 +++++++++--------
> 1 file changed, 9 insertions(+), 8 deletions(-)
>
> diff --git a/evtest.c b/evtest.c
> index 60714c6..ffcff78 100644
> --- a/evtest.c
> +++ b/evtest.c
> @@ -714,7 +714,7 @@ static int is_event_device(const struct dirent *dir) {
> static char* scan_devices(void)
> {
> struct dirent **namelist;
> - int i, ndev, devnum;
> + int i, ndev, devnum, match;
> char *filename;
> int max_device = 0;
>
> @@ -740,22 +740,23 @@ static char* scan_devices(void)
> fprintf(stderr, "%s: %s\n", fname, name);
> close(fd);
>
> - sscanf(namelist[i]->d_name, "event%d", &devnum);
> - if (devnum > max_device)
> + match = sscanf(namelist[i]->d_name, "event%d", &devnum);
> + if (match >= 1 && devnum > max_device)
> max_device = devnum;
>
> free(namelist[i]);
> }
>
> fprintf(stderr, "Select the device event number [0-%d]: ", max_device);
> - scanf("%d", &devnum);
>
> - if (devnum > max_device || devnum < 0)
> + match = scanf("%d", &devnum);
> + if (match < 1 || devnum > max_device || devnum < 0)
> return NULL;
>
> - asprintf(&filename, "%s/%s%d",
> - DEV_INPUT_EVENT, EVENT_DEV_NAME,
> - devnum);
> + if (asprintf(&filename, "%s/%s%d",
> + DEV_INPUT_EVENT, EVENT_DEV_NAME,
> + devnum) < 0)
> + return NULL;
>
> return filename;
> }
> --
> 2.14.2.822.g60be5d43e6-goog
More information about the Input-tools
mailing list