security: fix "Unchecked return value" from sscanf()

author Daniel Stenberg <daniel@haxx.se>

Fri, 22 May 2015 14:52:03 +0000 (16:52 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Fri, 22 May 2015 14:52:41 +0000 (16:52 +0200)
author Daniel Stenberg <daniel@haxx.se>
Fri, 22 May 2015 14:52:03 +0000 (16:52 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Fri, 22 May 2015 14:52:41 +0000 (16:52 +0200)
diff --git a/lib/security.c b/lib/security.c

index 524f9cef4e10b01dbae18ca17c4a35461fc93ff4..1bea669d56997b25c6d407523ebf96346c733db8 100644 (file)
--- a/lib/security.c
+++ b/lib/security.c
@@ -359,7 +359,7 @@ int Curl_sec_read_msg(struct connectdata *conn, char *buffer,
       int */
    int decoded_len;
    char *buf;
-  int ret_code;
+  int ret_code = 0;
    size_t decoded_sz = 0;
    CURLcode error;
  
@@ -388,13 +388,13 @@ int Curl_sec_read_msg(struct connectdata *conn, char *buffer,
    }
  
    buf[decoded_len] = '\0';
-  DEBUGASSERT(decoded_len > 3);
-  if(buf[3] == '-')
-    ret_code = 0;
-  else {
-    /* Check for error? */
+  if(decoded_len <= 3)
+    /* suspiciously short */
+    return 0;
+
+  if(buf[3] != '-')
+    /* safe to ignore return code */
      (void)sscanf(buf, "%d", &ret_code);
-  }
  
    if(buf[decoded_len - 1] == '\n')
      buf[decoded_len - 1] = '\0';
@@ -437,8 +437,8 @@ static int sec_set_protection_level(struct connectdata *conn)
  
      pbsz = strstr(conn->data->state.buffer, "PBSZ=");
      if(pbsz) {
-      /* FIXME: Checks for errors in sscanf? */
-      sscanf(pbsz, "PBSZ=%u", &buffer_size);
+      /* ignore return code, use default value if it fails */
+      (void)sscanf(pbsz, "PBSZ=%u", &buffer_size);
        if(buffer_size < conn->buffer_size)
          conn->buffer_size = buffer_size;
      }
author	Daniel Stenberg <daniel@haxx.se>
	Fri, 22 May 2015 14:52:03 +0000 (16:52 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Fri, 22 May 2015 14:52:41 +0000 (16:52 +0200)